fix(CI): copyToPodman

hardenedlinux · Feb 24, 2024 · efcb4b1 · efcb4b1
1 parent 1899433
commit efcb4b1
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 21 deletions.
diff --git a/.github/actions/common-setup/action.yml b/.github/actions/common-setup/action.yml
@@ -9,24 +9,23 @@ inputs:
 runs:
   using: "composite"
   steps:
-    - uses: jlumbroso/free-disk-space@main
-      with:
-        # These 5 options give back ~32Gb. If that's not enough, the remaining flags can be set to `true` at the expense
-        # of this action taking longer to finish
-        android: true
-        dotnet: true
-        haskell: true
-        docker-images: true
-        swap-storage: true
+    # - uses: jlumbroso/free-disk-space@main
+    #   with:
+    #     # These 5 options give back ~32Gb. If that's not enough, the remaining flags can be set to `true` at the expense
+    #     # of this action taking longer to finish
+    #     android: true
+    #     dotnet: true
+    #     haskell: true
+    #     docker-images: true
+    #     swap-storage: true
 
-        large-packages: false
-        tool-cache: false
+    #     large-packages: false
+    #     tool-cache: false
 
     - uses: DeterminateSystems/nix-installer-action@main
       with:
         extra-conf: |
           accept-flake-config = true
-
         github_token: ${{ inputs.SECRET_GITHUB_TOKEN }}
 
     - uses: DeterminateSystems/magic-nix-cache-action@main

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -4,6 +4,11 @@ on:
   push:
     branches:
       - main
+env:
+  REGISTRY_USER: ${{ github.actor }}
+  REGISTRY_PASSWORD: ${{ github.token }}
+  IMAGE_REGISTRY: ghcr.io/${{ github.repository_owner }}
+
 jobs:
   Jupyenv:
     runs-on: ubuntu-latest
@@ -58,16 +63,17 @@ jobs:
         with:
           SECRET_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - uses: docker/login-action@master
+      - name: Log in to ghcr.io
+        uses: redhat-actions/podman-login@v1
         with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          username: ${{ env.REGISTRY_USER }}
+          password: ${{ env.REGISTRY_PASSWORD }}
+          registry: ${{ env.IMAGE_REGISTRY }}
 
       - name: build oci-image
         run: |
           nix build ./nix/std#x86_64-linux.repo.containers.dev.out
       - name: copy oci-image to the register
         run: |
-          # nix run ./nix/std#x86_64-linux.repo.containers.dev.out.copyToRegistry
-          nix run ./nix/std\#x86_64-linux.repo.containers.dev.out.copyTo -- docker://ghcr.io/hardenedlinux/aisecurity-research-template:latest
+          nix run ./nix/std#x86_64-linux.repo.containers.dev.out.copyToRegistry
+          # nix run ./nix/std\#x86_64-linux.repo.containers.dev.out.copyTo -- docker://ghcr.io/hardenedlinux/aisecurity-research-template:latest
diff --git a/nix/std/flake.lock b/nix/std/flake.lock