Nix container build for nettest #214

Merged
eblume merged 9 commits from feature/nettest-nix-container into main 2026-02-19 08:42:59 -08:00
Owner

Summary

  • Add containers/nettest/default.nix using dockerTools.buildLayeredImage with curl, jq, dnsutils, cacert, and bash — equivalent to the existing Dockerfile
  • Update container-tag-and-release to require --nix or --dockerfile flag when both build types exist for a container
  • Update container-list to show [dockerfile+nix] label when both exist

Deployment and Testing

  • SSH to ringtail, run nix build -f containers/nettest/default.nix -o result to verify the nix expression builds
  • Tag nettest-nix-v1.0.0, confirm build-container-nix workflow runs on nix-container-builder runner and pushes to registry
  • Smoke test on ringtail k3s: kubectl run nettest --image=registry.ops.eblu.me/blumeops/nettest:v1.0.0 --restart=Never && kubectl logs nettest
  • Verify mise run container-list shows [dockerfile+nix] for nettest
  • Verify mise run container-tag-and-release nettest v1.1.0 prompts for build type
Create containers/nettest/default.nix using dockerTools.buildLayeredImage
with the same tools as the Dockerfile (curl, jq, dnsutils, cacert, bash).
Update container-list and container-tag-and-release to handle containers
that have both a Dockerfile and default.nix, requiring --nix or --dockerfile
flag when both exist.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Port from bash to uv run --script with typer. Default behavior now
builds both variants (dockerfile + nix) when both exist. Add --nix and
--dockerfile flags to release only one variant, and --dry-run to preview
without creating tags.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Use separate registry tags for nix vs dockerfile builds
Some checks failed
Build Container / build (push) Successful in 20s
Build Container (Nix) / build (push) Failing after 26s
2623c1c6fe
Nix builds push to :v<version>-nix so both variants coexist in the
registry instead of overwriting each other.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Fix nix container build: resolve nixpkgs from flake registry
Some checks failed
Build Container / build (push) Has been skipped
Build Container (Nix) / build (push) Failing after 2s
514a797067
The runner service doesn't have NIX_PATH set, so <nixpkgs> fails.
Add a step to resolve nixpkgs from the flake registry and set NIX_PATH.
Also switch to nix-build (legacy CLI) and stop hardcoding aarch64-linux
in default.nix.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add jq to nix-container-builder runner hostPackages
Some checks failed
Build Container / build (push) Has been skipped
Build Container (Nix) / build (push) Failing after 8s
dfe0f22108
The nix container build workflow uses jq to parse flake metadata when
resolving nixpkgs.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add container policy.json and registries.conf for ringtail
All checks were successful
Build Container / build (push) Has been skipped
Build Container (Nix) / build (push) Successful in 7s
a008ee4702
Minimal container config: policy.json for skopeo image pushes, and
registries.conf with unqualified search matching indri's minikube setup
(registry.ops.eblu.me, docker.io, ghcr.io, quay.io).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add hostname package to nettest nix container
All checks were successful
Build Container (Nix) / build (push) Successful in 9s
Build Container / build (push) Successful in 12s
58e13fab7d
Alpine provides hostname via busybox; nix needs it explicitly.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Simplify container tagging: one tag triggers all workflows
All checks were successful
Build Container (Nix) / build (push) Successful in 6s
Build Container / build (push) Successful in 12s
e7f6a71e9b
Both the Dockerfile and Nix workflows now trigger on the same tag
pattern (*-v[0-9]*). Each workflow checks for its build file and
skips if not present. This eliminates the need for separate -nix-
tags and --nix/--dockerfile flags in the release script.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- build-container-image how-to: document nix builds, --dry-run, unified
  tag triggering both workflows, add nettest nix pattern
- ringtail reference: expand runner section with host packages, nixpkgs
  resolution, and container config files
- forgejo reference: document both runners and both workflows
- changelog fragment: reflect final scope

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
eblume merged commit 695089499e into main 2026-02-19 08:42:59 -08:00
eblume referenced this pull request from a commit 2026-02-19 08:43:00 -08:00
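The unified tag trigger described in the commits above, sketched as an added example (not code from this repository). It assumes the Dockerfile workflow is named `build-container`, that Nix images keep the `-nix` registry suffix, and a name check stricter than the `*-v[0-9]*` glob so a tag cannot point outside `containers/`.

```python
import re
import tempfile
from pathlib import Path

# Registry prefix as it appears in the smoke-test command of the PR description.
REGISTRY = "registry.ops.eblu.me/blumeops"

# Stricter form of the glob *-v[0-9]*: the name is limited to [a-z0-9-], so a tag
# cannot carry "../" into the containers/ lookup. The greedy name group splits at
# the LAST "-v<digit>", so "my-vpn-v2.0.0" resolves to container "my-vpn".
TAG_RE = re.compile(r"^(?P<name>[a-z0-9][a-z0-9-]*)-v(?P<version>[0-9][0-9A-Za-z.]*)$")

# build file -> (workflow, registry tag suffix). "build-container" and the
# surviving "-nix" suffix are assumptions; "build-container-nix" is from the page.
BUILD_FILES = {
    "Dockerfile": ("build-container", ""),
    "default.nix": ("build-container-nix", "-nix"),
}


def plan_builds(tag, repo_root):
    """Return [(workflow, image_ref)] for a pushed git tag; [] means every workflow skips."""
    m = TAG_RE.match(tag)
    if m is None:
        return []
    ctx = Path(repo_root) / "containers" / m["name"]
    plan = []
    for build_file, (workflow, suffix) in BUILD_FILES.items():
        # Each workflow checks for its own build file and skips when it is absent.
        if (ctx / build_file).is_file():
            plan.append((workflow, f"{REGISTRY}/{m['name']}:v{m['version']}{suffix}"))
    return plan


def demo():
    """Run the planner over a constructed repo layout and constructed tags."""
    layout = {"nettest": ["Dockerfile", "default.nix"], "my-vpn": ["Dockerfile"]}
    tags = ["nettest-v1.1.0", "my-vpn-v2.0.0", "../etc-v1", "nettest-1.1.0"]
    with tempfile.TemporaryDirectory() as root:
        for name, files in layout.items():
            d = Path(root) / "containers" / name
            d.mkdir(parents=True)
            for f in files:
                (d / f).touch()
        return {t: plan_builds(t, root) for t in tags}


if __name__ == "__main__":
    for tag, plan in demo().items():
        print(tag, plan)
```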