diff --git a/containers/nettest/default.nix b/containers/nettest/default.nix
new file mode 100644
index 0000000..1739c41
--- /dev/null
+++ b/containers/nettest/default.nix
@@ -0,0 +1,38 @@
+# Nix-built nettest container
+# Equivalent to the Dockerfile: curl, jq, bind (nslookup), ca-certs, bash
+# Built with dockerTools.buildLayeredImage for efficient layer caching
+{ pkgs ? import { system = "aarch64-linux"; } }:
+
+let
+ testScript = ./test-connectivity.sh;
+
+ tools = pkgs.buildEnv {
+ name = "nettest-tools";
+ paths = [
+ pkgs.curl
+ pkgs.jq
+ pkgs.dnsutils # provides nslookup, dig
+ pkgs.cacert
+ pkgs.coreutils
+ pkgs.bashInteractive
+ ];
+ };
+in
+pkgs.dockerTools.buildLayeredImage {
+ name = "blumeops/nettest";
+ tag = "latest";
+
+ contents = [ tools ];
+
+ extraCommands = ''
+ cp ${testScript} test-connectivity.sh
+ chmod +x test-connectivity.sh
+ '';
+
+ config = {
+ Entrypoint = [ "/bin/bash" "/test-connectivity.sh" ];
+ Env = [
+ "SSL_CERT_FILE=${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
+ ];
+ };
+}
diff --git a/docs/changelog.d/feature-nettest-nix-container.feature.md b/docs/changelog.d/feature-nettest-nix-container.feature.md
new file mode 100644
index 0000000..6bf24fb
--- /dev/null
+++ b/docs/changelog.d/feature-nettest-nix-container.feature.md
@@ -0,0 +1 @@
+Added Nix container build for nettest, validating the full nix-container-builder pipeline on ringtail. Updated container-list and container-tag-and-release to support containers with both Dockerfile and default.nix.
diff --git a/mise-tasks/container-list b/mise-tasks/container-list
index 0122e77..b0d449b 100755
--- a/mise-tasks/container-list
+++ b/mise-tasks/container-list
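Review bot: In containers/nettest/default.nix the default `pkgs ? import … { system = "aarch64-linux"; }` does not pin a nixpkgs revision (the import path is not visible in this rendering; presumably it is a channel lookup), so the curl, bash and CA bundle that end up in the image depend on whatever the builder resolves at build time, while the Nix-level tag stays fixed at `latest`. Taking nixpkgs from a pinned revision or flake input would make the image contents reviewable, and a comment such as `# nixpkgs must be pinned: tool versions and the CA bundle come from it` would record the reason. The `config` block also sets no `User`, so the entrypoint presumably runs as root; if test-connectivity.sh needs no privileged operations, adding `User = "65534:65534";` next to `Entrypoint` would drop that.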
@@ -14,20 +14,26 @@ echo "" for dir in "$CONTAINER_DIR"/*/; do [[ -d "$dir" ]] || continue - # Determine build type - if [[ -f "$dir/default.nix" ]]; then - build_type="nix" - elif [[ -f "$dir/Dockerfile" ]]; then - build_type="dockerfile" - else - continue - fi + # Determine available build types + has_dockerfile=false + has_nix=false + [[ -f "$dir/Dockerfile" ]] && has_dockerfile=true + [[ -f "$dir/default.nix" ]] && has_nix=true + + # Skip directories with no build files + $has_dockerfile || $has_nix || continue + + # Build type label + types=() + $has_dockerfile && types+=("dockerfile") + $has_nix && types+=("nix") + label=$(IFS=+; echo "${types[*]}") # Extract container name from directory container=$(basename "$dir") image="blumeops/$container" - echo "[$build_type] $container" + echo "[$label] $container" echo " Image: $REGISTRY/$image" echo " Path: $dir" @@ -48,6 +54,8 @@ done echo "---" echo "To release a new version:" echo " mise run container-tag-and-release " +echo " mise run container-tag-and-release --nix # nix build" +echo " mise run container-tag-and-release --dockerfile # dockerfile build" echo "" echo "Example:" echo " mise run container-tag-and-release nettest v1.0.0" diff --git a/mise-tasks/container-tag-and-release b/mise-tasks/container-tag-and-release index 493f00f..bd916e8 100755 --- a/mise-tasks/container-tag-and-release +++ b/mise-tasks/container-tag-and-release @@ -5,9 +5,13 @@ set -euo pipefail CONTAINER="${1:-}" VERSION="${2:-}" +BUILD_TYPE_FLAG="${3:-}" if [[ -z "$CONTAINER" || -z "$VERSION" ]]; then - echo "Usage: mise run container-tag-and-release " + echo "Usage: mise run container-tag-and-release [--nix|--dockerfile]" + echo "" + echo "When a container has both a Dockerfile and default.nix, you must specify" + echo "the build type with --nix or --dockerfile." echo "" echo "Run 'mise run container-list' to see available containers and recent tags." exit 1 
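Review bot: In the first hunk of mise-tasks/container-list the new flags are evaluated by running their contents as commands (`$has_dockerfile || $has_nix || continue`, `$has_nix && types+=("nix")`), which is only correct while each variable holds exactly `true` or `false`. An explicit string test reads the same and cannot execute anything else if an assignment is changed later, e.g. `[[ $has_dockerfile == true || $has_nix == true ]] || continue`. The same pattern appears in mise-tasks/container-tag-and-release (`if $HAS_NIX && $HAS_DOCKERFILE`), and the two scripts join the type list with different separators (`+` here, `,` there); using one separator would keep the two listings consistent. The `for` loop these lines sit in closes outside the hunk.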
@@ -21,28 +25,57 @@ fi # Determine build type: Nix or Dockerfile CONTAINER_DIR="containers/${CONTAINER}" -if [[ -f "$CONTAINER_DIR/default.nix" ]]; then - BUILD_TYPE="nix" - TAG="${CONTAINER}-nix-${VERSION}" -elif [[ -f "$CONTAINER_DIR/Dockerfile" ]]; then - BUILD_TYPE="dockerfile" - TAG="${CONTAINER}-${VERSION}" -else +HAS_NIX=false +HAS_DOCKERFILE=false + +[[ -f "$CONTAINER_DIR/default.nix" ]] && HAS_NIX=true +[[ -f "$CONTAINER_DIR/Dockerfile" ]] && HAS_DOCKERFILE=true + +if ! $HAS_NIX && ! $HAS_DOCKERFILE; then echo "Error: No Dockerfile or default.nix found in '$CONTAINER_DIR'" echo "" echo "Available containers:" for dir in containers/*/; do [[ -d "$dir" ]] || continue name=$(basename "$dir") - if [[ -f "$dir/default.nix" ]]; then - echo " - $name (nix)" - elif [[ -f "$dir/Dockerfile" ]]; then - echo " - $name (dockerfile)" - fi + types=() + [[ -f "$dir/Dockerfile" ]] && types+=("dockerfile") + [[ -f "$dir/default.nix" ]] && types+=("nix") + [[ ${#types[@]} -gt 0 ]] && echo " - $name ($(IFS=, ; echo "${types[*]}"))" done exit 1 fi +if $HAS_NIX && $HAS_DOCKERFILE; then + # Both exist — require explicit flag + case "$BUILD_TYPE_FLAG" in + --nix) + BUILD_TYPE="nix" + ;; + --dockerfile) + BUILD_TYPE="dockerfile" + ;; + *) + echo "Error: '$CONTAINER' has both a Dockerfile and default.nix." + echo "" + echo "Specify the build type:" + echo " mise run container-tag-and-release $CONTAINER $VERSION --nix" + echo " mise run container-tag-and-release $CONTAINER $VERSION --dockerfile" + exit 1 + ;; + esac +elif $HAS_NIX; then + BUILD_TYPE="nix" +elif $HAS_DOCKERFILE; then + BUILD_TYPE="dockerfile" +fi + +if [[ "$BUILD_TYPE" == "nix" ]]; then + TAG="${CONTAINER}-nix-${VERSION}" +else + TAG="${CONTAINER}-${VERSION}" +fi + echo "Creating release tag: $TAG" echo "Build type: $BUILD_TYPE" echo ""
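Review bot: In mise-tasks/container-tag-and-release, `BUILD_TYPE_FLAG` is consulted only in the branch where both build files exist, so `--nix` on a container that has only a Dockerfile, or any misspelled third argument, is silently ignored and the script continues with the dockerfile-style tag name. Because the tag name selects which build is released, the flag should be validated in every case and rejected when the matching build file is absent. The sketch below folds the three branches into one `case` on the flag; the file detection above it and the TAG derivation below it stay as they are. Whether a confirmation step follows the final `echo` lines is not visible in this hunk.

```shell
# … unchanged: HAS_NIX / HAS_DOCKERFILE detection and the "no build file" error …

case "$BUILD_TYPE_FLAG" in
    --nix)
        $HAS_NIX || { echo "Error: '$CONTAINER' has no default.nix"; exit 1; }
        BUILD_TYPE="nix"
        ;;
    --dockerfile)
        $HAS_DOCKERFILE || { echo "Error: '$CONTAINER' has no Dockerfile"; exit 1; }
        BUILD_TYPE="dockerfile"
        ;;
    "")
        if $HAS_NIX && $HAS_DOCKERFILE; then
            # … unchanged: "has both a Dockerfile and default.nix" message …
            exit 1
        elif $HAS_NIX; then
            BUILD_TYPE="nix"
        else
            BUILD_TYPE="dockerfile"
        fi
        ;;
    *)
        echo "Error: unknown build type flag '$BUILD_TYPE_FLAG' (expected --nix or --dockerfile)"
        exit 1
        ;;
esac

# … unchanged: TAG derivation from BUILD_TYPE …
```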