diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index 3d809f8b..7c09d511 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -3,7 +3,7 @@ concurrency: group: ${{ github.actor }} jobs: deployContainer_makesAmd64: - if: ${{ github.repository == 'fluidattacks/makes' }} + if: ${{ github.repository == 'dsalaza4/makes' }} runs-on: ubuntu-latest permissions: packages: write @@ -17,7 +17,7 @@ jobs: with: args: sh -c "chown -R root:root /github/workspace && nix-env -if . && m . /deployContainer/makesAmd64" deployContainer_makesArm64: - if: ${{ github.repository == 'fluidattacks/makes' }} + if: ${{ github.repository == 'dsalaza4/makes' }} runs-on: buildjet-2vcpu-ubuntu-2204-arm permissions: packages: write @@ -31,7 +31,7 @@ jobs: with: args: sh -c "chown -R root:root /github/workspace && nix-env -if . && m . /deployContainer/makesArm64" deployContainerManifest_makes: - if: ${{ github.repository == 'fluidattacks/makes' }} + if: ${{ github.repository == 'dsalaza4/makes' }} runs-on: ubuntu-latest permissions: packages: write diff --git a/makes.nix b/makes.nix index c7934471..40da21e5 100644 --- a/makes.nix +++ b/makes.nix @@ -20,7 +20,7 @@ token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; - image = "ghcr.io/fluidattacks/makes:amd64"; + image = "ghcr.io/dsalaza4/makes:amd64"; src = outputs."/container-image"; sign = true; }; @@ -29,7 +29,7 @@ token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; - image = "ghcr.io/fluidattacks/makes:arm64"; + image = "ghcr.io/dsalaza4/makes:arm64"; src = outputs."/container-image"; sign = true; }; @@ -40,17 +40,17 @@ token = "GITHUB_TOKEN"; user = "GITHUB_ACTOR"; }; - image = "ghcr.io/fluidattacks/makes:latest"; + image = "ghcr.io/dsalaza4/makes:latest"; manifests = [ { - image = "ghcr.io/fluidattacks/makes:amd64"; + image = "ghcr.io/dsalaza4/makes:amd64"; platform = { architecture = "amd64"; os = "linux"; }; } { - image = "ghcr.io/fluidattacks/makes:arm64"; + image = "ghcr.io/dsalaza4/makes:arm64"; platform = { architecture = "arm64"; os = "linux"; diff --git a/makes/container-image/main.nix b/makes/container-image/main.nix index 2614bcdf..bb836965 100644 --- a/makes/container-image/main.nix +++ b/makes/container-image/main.nix @@ -11,6 +11,15 @@ __nixpkgs__.dockerTools.buildImage { "NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt" "SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt" "SYSTEM_CERTIFICATE_PATH=/etc/ssl/certs/ca-bundle.crt" + + # Support non-nix binaries via nix-ld (glibc) + "NIX_LD_LIBRARY_PATH=${ + __nixpkgs__.lib.makeLibraryPath [ __nixpkgs__.stdenv.cc ] + }" + "NIX_LD=${ + __nixpkgs__.lib.fileContents + "${__nixpkgs__.stdenv.cc}/nix-support/dynamic-linker" + }" ]; User = "root:root"; WorkingDir = "/working-dir"; @@ -29,8 +38,15 @@ __nixpkgs__.dockerTools.buildImage { __nixpkgs__.gnugrep __nixpkgs__.gnutar __nixpkgs__.gzip + __nixpkgs__.nix-ld __nixpkgs__.nixVersions.nix_2_15 + # Support non-nix binaries via nix-ld (glibc) + (__nixpkgs__.runCommand "dynamic-link" { } '' + mkdir /lib64 + ln -s /libexec/nix-ld /lib64/$(basename $(< ${__nixpkgs__.stdenv.cc}/nix-support/dynamic-linker)) + '') + # Add /usr/bin/env pointing to /bin/env (__nixpkgs__.runCommand "user-bin-env" { } '' mkdir -p $out/usr/bin