tailscale-dev/tclip

Leverage skopeo for pipeline

Opened this issue · 2 comments

Currently the CI/CD process builds the container image, then loads it into Docker and uses Docker to push it. I've had fairly good luck with using https://github.com/containers/skopeo to push the Nix-built container image directly. It's a minor "optimization" (if you could call it that) but might be worth looking at.

Here's a rough example of where I'm using it for a personal repository: https://git.gmem.ca/arch/dref/src/branch/trunk/.gitea/workflows/test-build.yml#L36-L72

The tradeoff is in incorporating and trusting another party in the build process.

To clarify, the third party in this case is Red Hat :)