this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix skopeo

+85 -7
+70 -7
.tangled/workflows/build.yml
··· 37 37 - fontconfig 38 38 - pipenv 39 39 - cacert 40 + # Shell utilities — Nixery base image is minimal; grep, sed, head, 41 + # tr, mkdir, etc. are NOT available unless these are listed. 42 + - coreutils 43 + - gnugrep 44 + - gnused 45 + - findutils 40 46 41 47 environment: 42 48 PIPENV_VENV_IN_PROJECT: "1" ··· 130 136 command: | 131 137 echo "=== Creating virtualenv ===" 132 138 python3 -m venv .venv 139 + 140 + # psycopg_c needs pg_config to find PostgreSQL headers/libs at build 141 + # time. In a Nixery container the binary exists in the Nix store but 142 + # the build subprocess may not find it unless we set PG_CONFIG and 143 + # tell the C compiler where headers and libraries live (mirrors the 144 + # PG_CONFIG / LDFLAGS / CPPFLAGS set in flake.nix devShell). 145 + echo "=== Configuring PostgreSQL build flags ===" 146 + PG_CONFIG_BIN="$(which pg_config 2>/dev/null || true)" 147 + if [ -z "$PG_CONFIG_BIN" ]; then 148 + # Fallback: search the Nix store directly 149 + PG_CONFIG_BIN="$(find /nix/store -maxdepth 3 -name pg_config -type f 2>/dev/null | head -1)" 150 + fi 151 + if [ -n "$PG_CONFIG_BIN" ]; then 152 + PG_INCLUDEDIR="$($PG_CONFIG_BIN --includedir)" 153 + PG_LIBDIR="$($PG_CONFIG_BIN --libdir)" 154 + export PG_CONFIG="$PG_CONFIG_BIN" 155 + export LDFLAGS="${LDFLAGS:-} -L${PG_LIBDIR}" 156 + export CPPFLAGS="${CPPFLAGS:-} -I${PG_INCLUDEDIR}" 157 + echo " PG_CONFIG = $PG_CONFIG" 158 + echo " LDFLAGS = $LDFLAGS" 159 + echo " CPPFLAGS = $CPPFLAGS" 160 + else 161 + echo "WARNING: pg_config not found — psycopg_c build may fail" 162 + fi 163 + 133 164 echo "=== Installing production dependencies ===" 134 165 pipenv install --deploy --categories "packages" 135 166 echo "=== Virtualenv contents ===" ··· 242 273 # Method 1: Check if NIX_PATH is already set and valid 243 274 if [ -n "${NIX_PATH:-}" ]; then 244 275 echo "NIX_PATH is set: ${NIX_PATH}" 245 - NIXPKGS_PATH=$(echo "$NIX_PATH" | tr ':' '\n' | grep 'nixpkgs=' | head -1 | sed 's/nixpkgs=//') 276 + # Parse NIX_PATH using pure shell — no grep/sed needed 277 + IFS=':' read -ra _nix_entries <<< "$NIX_PATH" 278 + for _entry in "${_nix_entries[@]}"; do 279 + case "$_entry" in 280 + nixpkgs=*) NIXPKGS_PATH="${_entry#nixpkgs=}"; break ;; 281 + esac 282 + done 246 283 fi 247 284 248 285 # Method 2: Find nixpkgs in the Nix store via a known package derivation ··· 254 291 NIXPKGS_PATH=$(find /nix/store -maxdepth 1 -name '*-nixpkgs-src' -type d 2>/dev/null | head -1) 255 292 fi 256 293 257 - # Method 3: Look for a channel-style nixpkgs directory 294 + # Method 3: Look for a channel-style nixpkgs directory (exclude .drv files via find) 258 295 if [ -z "$NIXPKGS_PATH" ] || [ ! -d "$NIXPKGS_PATH" ]; then 259 - NIXPKGS_PATH=$(find /nix/store -maxdepth 1 -name '*-nixos-*' -type d 2>/dev/null | grep -v '\.drv$' | head -1) 296 + NIXPKGS_PATH=$(find /nix/store -maxdepth 1 -name '*-nixos-*' -type d ! -name '*.drv' 2>/dev/null | head -1) 260 297 fi 261 298 262 299 # Method 4: Find any path containing a top-level pkgs/top-level/all-packages.nix 263 300 if [ -z "$NIXPKGS_PATH" ] || [ ! -d "$NIXPKGS_PATH" ]; then 264 - NIXPKGS_PATH=$(find /nix/store -maxdepth 3 -path '*/pkgs/top-level/all-packages.nix' 2>/dev/null | head -1 | sed 's|/pkgs/top-level/all-packages.nix||') 301 + _allpkgs=$(find /nix/store -maxdepth 3 -path '*/pkgs/top-level/all-packages.nix' 2>/dev/null | head -1) 302 + if [ -n "$_allpkgs" ]; then 303 + NIXPKGS_PATH="${_allpkgs%/pkgs/top-level/all-packages.nix}" 304 + fi 265 305 fi 266 306 267 307 # Method 5: Use nix-instantiate --eval to locate nixpkgs from the registry ··· 299 339 ls -lh result 300 340 echo "" 301 341 302 - # Inspect the image 342 + # Inspect the image — skopeo needs /var/tmp for temp files and a 343 + # containers policy.json to exist. 303 344 echo "=== Image layers ===" 345 + mkdir -p /var/tmp 346 + mkdir -p /etc/containers 347 + if [ ! -f /etc/containers/policy.json ]; then 348 + echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json 349 + fi 304 350 if command -v skopeo &> /dev/null; then 305 351 skopeo inspect docker-archive:result | jq '{Layers: .Layers | length, Digest: .Digest, Created: .Created}' 2>/dev/null || echo "(inspection skipped)" 306 352 fi ··· 341 387 exit 0 342 388 fi 343 389 390 + # skopeo needs /var/tmp for temp files and a trust policy 391 + mkdir -p /var/tmp 392 + mkdir -p /etc/containers 393 + if [ ! -f /etc/containers/policy.json ]; then 394 + echo '{"default":[{"type":"insecureAcceptAnything"}]}' > /etc/containers/policy.json 395 + fi 396 + 344 397 echo "Logging in to ${REGISTRY_URL}..." 345 398 echo "${REGISTRY_TOKEN}" | skopeo login "${REGISTRY_URL}" \ 346 399 --username "${REGISTRY_USERNAME}" \ ··· 348 401 349 402 echo "" 350 403 echo "Pushing image..." 404 + PUSH_FAILED=0 351 405 for TAG in $TAGS; do 352 406 DEST="${REGISTRY_URL}/${REGISTRY_IMAGE}:${TAG}" 353 407 echo " -> ${DEST}" 354 - skopeo copy \ 408 + if ! skopeo copy \ 355 409 "docker-archive:result" \ 356 410 "docker://${DEST}" \ 357 - --retry-times 3 411 + --retry-times 3; then 412 + echo " !! FAILED to push ${DEST}" 413 + PUSH_FAILED=1 414 + fi 358 415 done 416 + 417 + if [ "$PUSH_FAILED" -ne 0 ]; then 418 + echo "" 419 + echo "=== Some tags failed to push ===" 420 + exit 1 421 + fi 359 422 360 423 echo "" 361 424 echo "=== All tags pushed successfully ==="
+15
care/CLAUDE.md
··· 400 400 - `pipenv install --deploy --categories "packages"` installs only production deps 401 401 - The `Pipfile.lock` must exist and match (--deploy enforces this) 402 402 403 + ### psycopg_c build in CI: 404 + - `psycopg[c]` (the C-accelerated PostgreSQL adapter) compiles `psycopg_c` from source 405 + - The build subprocess shells out to `pg_config` to locate PostgreSQL headers and 406 + libraries — this fails with `No such file or directory: 'pg_config'` unless we 407 + explicitly set `PG_CONFIG`, `LDFLAGS`, and `CPPFLAGS` 408 + - The flake.nix dev shell sets these via `envVars` (`PG_CONFIG`, `LDFLAGS`, `CPPFLAGS`) 409 + pointing at `${pkgs.postgresql_15}` 410 + - In the Nixery CI container, `postgresql_15` is a dependency but the install step must 411 + discover `pg_config` at runtime (`which pg_config` or Nix store search) and export: 412 + - `PG_CONFIG=/nix/store/…/bin/pg_config` 413 + - `LDFLAGS=-L$($PG_CONFIG --libdir)` 414 + - `CPPFLAGS=-I$($PG_CONFIG --includedir)` 415 + - Without these, `pipenv install` succeeds for pure-Python packages but fails on 416 + `psycopg_c` metadata generation 417 + 403 418 ### Plugin installation: 404 419 - Happens AFTER pipenv install 405 420 - Reads `ADDITIONAL_PLUGS` env var (JSON array)