forked from Gerschtli/nix-config
-
Notifications
You must be signed in to change notification settings - Fork 0
183 lines (161 loc) · 6.3 KB
/
ci_experimental.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
name: Build and test flake outputs (using gh caches)
on:
push:
workflow_dispatch:
workflow_call:
inputs:
branch:
description: Branch name to build on
default: ""
required: false
type: string
secrets:
CACHIX_ACTIVATE_TOKEN:
CACHIX_AUTH_TOKEN:
required: true
jobs:
nix:
strategy:
fail-fast: false
matrix:
yamlbasename:
- ci_experimental.yml
os:
- ubuntu-latest
system:
- aarch64
- x86_64
shell:
- devShells.$_system.ruby
- haskellShell
- yaocaml
- agda
- haskell
nix-command:
- flake info
include:
- legacy-openssl: false
- legacy-openssl: true
shell: devShells.$_system.ruby
command: ruby --version
- shell: haskellShell
command: ghci --version
- shell: yaocaml
command: ocaml --version
- shell: agda
command: ghci --version
- shell: haskell
command: ghci --version
- nix-command: eval .#apps.$_system.nixos-shell.program
system: aarch64
- nix-command: eval .#apps.$_system.setup.program
system: aarch64
- nix-command: eval .#apps.$_system.nixos-shell.program
system: x86_64
- nix-command: eval .#apps.$_system.setup.program
system: x86_64
- nix-command: build .#homeConfigurations."dani@maiziedemacchiato".activationPackage
system: x86_64
deploy-agent: maiziedemacchiato
- nix-command: build .#nixOnDroidConfigurations.sams9.activationPackage --impure --print-build-logs --log-lines 9999
system: aarch64
deploy-agent: sams9
- nix-command: build .#nixosConfigurations.DANIELKNB1.config.system.build.toplevel
system: x86_64
deploy-agent: DANIELKNB1
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ inputs.branch }}
- name: Free Disk Space (Ubuntu)
if: contains(matrix.nix-command, 'activationPackage') || contains(matrix.nix-command, 'toplevel') || contains(matrix.nix-command, 'ruby') || contains(matrix.nix-command, 'haskellShell')
env:
_system: ${{ matrix.system }}-linux
uses: jlumbroso/free-disk-space@main
continue-on-error: true
with:
tool-cache: true
- name: Set Swap Space
uses: actionhippie/swap-space@master
with:
size: 10G
- name: Install qemu-user-static (aarch64)
if: matrix.system == 'aarch64'
env:
_system: ${{ matrix.system }}-linux
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
sudo apt-get update --allow-releaseinfo-change
sudo apt-get update
sudo apt-get install -y qemu-user-static
- name: Quick install
env:
_system: ${{ matrix.system }}-linux
uses: nixbuild/nix-quick-install-action@v26
with:
nix_conf: |
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
keep-going = true
show-trace = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
keep-outputs = true
${{ matrix.system == 'aarch64' && 'system = aarch64-linux # enables binfmt on that machine, see https://nixos.wiki/wiki/NixOS_on_ARM#Compiling_through_binfmt_QEMU' || '' }}
- name: Restore and cache Nix store
env:
_system: ${{ matrix.system }}-linux
uses: nix-community/cache-nix-action@v4
with:
gc-linux: true
gc-max-store-size-linux: 13000000000
purge: true
purge-created-max-age: 60
purge-created: true
purge-accessed: true
key: cache-${{ matrix.os }}-${{ hashFiles(format('.github/workflows/{0}', matrix.yamlbasename)) }}
restore-keys: |
cache-${{ matrix.os }}-
- name: Setup cachix
env:
_system: ${{ matrix.system }}-linux
uses: cachix/cachix-action@v12
with:
name: 573-bc
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
- name: My shells
env:
_system: ${{ matrix.system }}-linux
NIXPKGS_ALLOW_INSECURE: ${{ matrix.legacy-openssl == true && 1 || 0 }}
NIXPKGS_ALLOW_BROKEN: ${{ matrix.legacy-openssl == true && 1 || 0 }}
uses: nicknovitski/[email protected]
with:
arguments: .#${{ (matrix.shell == '') && format('formatter.{0}', env._system) || matrix.shell }} --impure
- run: |
echo "::group::Development shells command"
cachix use 573-bc
cachix use nix-on-droid
${{ (matrix.system == 'aarch64' || contains(matrix.nix-command, 'ruby')) && 'cachix watch-exec 573-bc -- \' || '' }}
${{ (matrix.command == '') && 'echo "ignore this pls"' || matrix.command }}
- name: Build command
env:
_system: ${{ matrix.system }}-linux
timeout-minutes: 360 # Consider increasing timeout
run: |
echo "::group::Build command"
cachix use 573-bc
cachix use nix-on-droid
${{ (matrix.system == 'aarch64' || contains(matrix.nix-command, 'homeConfigurations')) && 'cachix watch-exec 573-bc -- \' || '' }}
nix ${{ (matrix.nix-command == '') && 'flake info' || matrix.nix-command }}
- name: Deploy cachix-agent spec
if: github.ref == 'refs/heads/wsl2' && matrix.deploy-agent
env:
CACHIX_ACTIVATE_TOKEN: ${{ secrets.CACHIX_ACTIVATE_TOKEN }}
TEST: ${{ matrix.system == 'aarch64' && '--impure' || '' }}
run: |
echo "::group::Build spec"
spec="$(nix build --print-out-paths ".#cachix-deploy-spec-${{ matrix.deploy-agent }}" ${{ (matrix.system == 'aarch64' || contains(matrix.nix-command, 'develop')) && '--impure' || '' }})"
echo "::group::Upload spec"
cachix push 573-bc "$spec"
# vim: set sw=2: