Update Nix Flake lockfile #670
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: 'CI' | |
on: | |
# Allow this workflow to be reused by other workflows: | |
workflow_call: | |
inputs: | |
do_deploy: | |
description: 'Deploy to cachix' | |
type: 'boolean' | |
default: false | |
required: false | |
secrets: | |
CACHIX_AUTH_TOKEN: | |
description: 'Cachix auth token' | |
required: true | |
CACHIX_ACTIVATE_TOKEN: | |
description: 'Cachix activate token' | |
required: false | |
NIX_GITHUB_TOKEN: | |
description: GitHub token to add as access-token in nix.conf | |
required: false | |
# Allow this workflow to be triggered manually: | |
workflow_dispatch: | |
inputs: | |
do_deploy: | |
description: 'Deploy to cachix' | |
type: 'boolean' | |
default: false | |
required: false | |
# Allow this workflow to be triggered in merge | |
merge_group: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.repository }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
post-initial-comment: | |
runs-on: self-hosted | |
steps: | |
- name: 'Post initial package status comment' | |
uses: marocchino/[email protected] | |
with: | |
recreate: true | |
message: | | |
Thanks for your Pull Request! | |
This comment will be updated automatically with the status of each package. | |
generate-matrix-matrix: | |
name: Generate Matrix of Matrices | |
runs-on: self-hosted | |
steps: | |
- name: Install Nix | |
uses: metacraft-labs/nixos-modules/.github/install-nix@main | |
with: | |
cachix-cache: ${{ vars.CACHIX_CACHE }} | |
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} | |
substituters: ${{ vars.SUBSTITUTERS }} | |
nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} | |
- uses: actions/checkout@v4 | |
- name: Generate Matrix for Matrix | |
id: generate-matrix | |
env: | |
CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} | |
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} | |
run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl shard_matrix | |
outputs: | |
gen_matrix: ${{ steps.generate-matrix.outputs.gen_matrix }} | |
generate-matrix: | |
needs: generate-matrix-matrix | |
runs-on: self-hosted | |
strategy: | |
matrix: ${{fromJSON(needs.generate-matrix-matrix.outputs.gen_matrix)}} | |
name: Generate Matrix ${{ matrix.digit != -1 && matrix.digit || '' }} | |
steps: | |
- name: Install Nix | |
uses: metacraft-labs/nixos-modules/.github/install-nix@main | |
with: | |
cachix-cache: ${{ vars.CACHIX_CACHE }} | |
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} | |
substituters: ${{ vars.SUBSTITUTERS }} | |
nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} | |
- uses: actions/checkout@v4 | |
- name: Generate CI Matrix | |
id: generate-matrix | |
shell: bash | |
env: | |
IS_INITIAL: 'true' | |
CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} | |
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
FLAKE_PRE: ${{ matrix.prefix }} | |
FLAKE_POST: ${{ matrix.postfix }} | |
MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} | |
run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl ci_matrix | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: matrix-pre${{ matrix.digit != -1 && format('-{0}', matrix.digit) || '' }} | |
path: matrix-pre.json | |
outputs: | |
matrix: ${{ steps.generate-matrix.outputs.matrix }} | |
slurp-matrix: | |
runs-on: self-hosted | |
needs: generate-matrix | |
name: Merge matrices | |
outputs: | |
matrix: ${{ steps.matrix.outputs.matrix }} | |
fullMatrix: ${{ steps.matrix.outputs.fullMatrix }} | |
steps: | |
- uses: actions/download-artifact@v4 | |
- name: Merge matrices | |
run: | | |
# Check if jq is installed | |
if ! command -v jq &> /dev/null; then | |
PATH="$(nix build --print-out-paths 'nixpkgs#jq^bin')/bin:$PATH" | |
export PATH | |
fi | |
ls */matrix-pre.json | |
matrix="$(cat */matrix-pre.json | jq -cr '.include[]' | jq '[ select (.isCached == false) ]' | jq -s 'add' | jq -c '. | {include: .}')" | |
if [[ "$matrix" == '' ]] || [[ "$matrix" == '{}' ]] || [[ "$matrix" == '{"include":null}' ]] || [[ "$matrix" == '{"include":[]}' ]]; then | |
matrix='{"include":[]}' | |
fi | |
echo "---" | |
echo "Matrix:" | |
echo "$matrix" | jq | |
echo "---" | |
echo | |
echo | |
fullMatrix="$(cat */matrix-pre.json | jq -cr '.include' | jq -s 'add' | jq -c '. | {include: .}')" | |
echo "---" | |
echo "Full Matrix:" | |
echo "$fullMatrix" | jq | |
echo "---" | |
echo "matrix=$matrix" >> $GITHUB_OUTPUT | |
echo "fullMatrix=$fullMatrix" >> $GITHUB_OUTPUT | |
id: matrix | |
- name: Post Comment | |
id: print-matrix | |
uses: metacraft-labs/nixos-modules/.github/print-matrix@main | |
with: | |
is-initial: 'true' | |
cachix-cache: ${{ vars.CACHIX_CACHE }} | |
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} | |
substituters: ${{ vars.SUBSTITUTERS }} | |
precalc_matrix: ${{ steps.matrix.outputs.fullMatrix }} | |
pr-comment-github-token: ${{ secrets.GITHUB_TOKEN }} | |
nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} | |
build: | |
needs: slurp-matrix | |
if: needs.slurp-matrix.outputs.matrix != '{"include":[]}' | |
strategy: | |
fail-fast: false | |
matrix: ${{fromJSON( needs.slurp-matrix.outputs.matrix )}} | |
name: ${{ matrix.name }} | ${{ matrix.system }} | |
runs-on: ${{ matrix.os }} | |
continue-on-error: ${{ matrix.allowedToFail }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Nix | |
uses: metacraft-labs/nixos-modules/.github/install-nix@main | |
with: | |
cachix-cache: ${{ vars.CACHIX_CACHE }} | |
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} | |
substituters: ${{ vars.SUBSTITUTERS }} | |
nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} | |
- name: Build ${{ matrix.name }} | |
run: | | |
nix build -L --no-link --keep-going --show-trace \ | |
'.#${{ matrix.attrPath }}' | |
- name: Push to Cachix ${{ matrix.name }} | |
run: | | |
cachix push ${{ vars.CACHIX_CACHE }} ${{ matrix.output }} | |
results: | |
runs-on: self-hosted | |
name: Final Results | |
needs: [build, slurp-matrix] | |
if: always() | |
steps: | |
- name: Post Comment | |
uses: metacraft-labs/nixos-modules/.github/print-matrix@main | |
with: | |
is-initial: 'false' | |
cachix-cache: ${{ vars.CACHIX_CACHE }} | |
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} | |
substituters: ${{ vars.SUBSTITUTERS }} | |
precalc_matrix: ${{ needs.slurp-matrix.outputs.fullMatrix }} | |
pr-comment-github-token: ${{ secrets.GITHUB_TOKEN }} | |
nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} | |
- run: exit 1 | |
if: >- | |
needs.slurp-matrix.outputs.matrix != '{"include":[]}' | |
&& contains(needs.*.result, 'failure') | |
|| contains(needs.*.result, 'cancelled') | |
- uses: actions/checkout@v4 | |
if: inputs.do_deploy | |
- name: Deploy | |
if: inputs.do_deploy | |
env: | |
CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} | |
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
CACHIX_ACTIVATE_TOKEN: '${{ secrets.CACHIX_ACTIVATE_TOKEN }}' | |
MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} | |
run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl deploy_spec |