Nix-build-task: A reusable Concourse task for building Nix derivations

My latest diversion may be of interest to any Concourse users here.

In a concourse pipeline, “tasks” are each run in separate containers, and a significant frustration is having to grant tasks privileged: true to be able to build a container image in your pipeline. This is where pkgs.dockerTools etc. have something to bring to the table.

@ris do you run concourse on nixos? I’m thinking about setting up a server, but there seems to be no nixos modul for concourse yet

Nope sorry. Last time I considered the possibility I saw how many random opaque binaries came with garden-runc and it made me sad.