2021-12-21 21:26:52 +01:00
|
|
|
name: "CI"
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2020-03-13 11:57:58 +01:00
|
|
|
on:
|
|
|
|
pull_request:
|
|
|
|
push:
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2022-07-05 12:06:58 +02:00
|
|
|
permissions: read-all
|
|
|
|
|
2020-03-13 11:57:58 +01:00
|
|
|
jobs:
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2020-03-13 11:57:58 +01:00
|
|
|
tests:
|
2022-08-29 14:17:06 +02:00
|
|
|
needs: [check_secrets]
|
2020-03-13 11:57:58 +01:00
|
|
|
strategy:
|
2023-06-17 15:05:10 +02:00
|
|
|
fail-fast: false
|
2020-03-13 11:57:58 +01:00
|
|
|
matrix:
|
2020-05-15 10:06:14 +02:00
|
|
|
os: [ubuntu-latest, macos-latest]
|
2020-03-13 11:57:58 +01:00
|
|
|
runs-on: ${{ matrix.os }}
|
2021-10-29 14:38:55 +02:00
|
|
|
timeout-minutes: 60
|
2020-03-13 11:57:58 +01:00
|
|
|
steps:
|
2022-04-13 14:10:29 +02:00
|
|
|
- uses: actions/checkout@v3
|
2020-03-13 17:25:47 +01:00
|
|
|
with:
|
|
|
|
fetch-depth: 0
|
2023-06-17 15:05:10 +02:00
|
|
|
- uses: cachix/install-nix-action@v22
|
2023-02-17 19:23:09 +01:00
|
|
|
with:
|
|
|
|
# The sandbox would otherwise be disabled by default on Darwin
|
|
|
|
extra_nix_config: "sandbox = true"
|
2021-02-25 23:12:51 +01:00
|
|
|
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
|
2022-10-31 23:08:02 +01:00
|
|
|
- uses: cachix/cachix-action@v12
|
2022-08-29 14:17:06 +02:00
|
|
|
if: needs.check_secrets.outputs.cachix == 'true'
|
2021-02-15 11:20:54 +01:00
|
|
|
with:
|
|
|
|
name: '${{ env.CACHIX_NAME }}'
|
|
|
|
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
|
2021-02-25 23:12:51 +01:00
|
|
|
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
2022-01-26 14:31:23 +01:00
|
|
|
- run: nix --experimental-features 'nix-command flakes' flake check -L
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2022-08-29 14:17:06 +02:00
|
|
|
check_secrets:
|
2022-07-01 02:29:30 +02:00
|
|
|
permissions:
|
|
|
|
contents: none
|
2022-08-29 14:17:06 +02:00
|
|
|
name: Check Cachix and Docker secrets present for installer tests
|
2021-02-25 23:12:51 +01:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
outputs:
|
2022-08-29 14:17:06 +02:00
|
|
|
cachix: ${{ steps.secret.outputs.cachix }}
|
|
|
|
docker: ${{ steps.secret.outputs.docker }}
|
2021-02-25 23:12:51 +01:00
|
|
|
steps:
|
2022-08-29 14:17:06 +02:00
|
|
|
- name: Check for secrets
|
2021-02-25 23:12:51 +01:00
|
|
|
id: secret
|
|
|
|
env:
|
|
|
|
_CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }}
|
2022-08-29 14:17:06 +02:00
|
|
|
_DOCKER_SECRETS: ${{ secrets.DOCKERHUB_USERNAME }}${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
run: |
|
|
|
|
echo "::set-output name=cachix::${{ env._CACHIX_SECRETS != '' }}"
|
|
|
|
echo "::set-output name=docker::${{ env._DOCKER_SECRETS != '' }}"
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2021-02-15 11:20:54 +01:00
|
|
|
installer:
|
2022-08-29 14:17:06 +02:00
|
|
|
needs: [tests, check_secrets]
|
|
|
|
if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true'
|
2021-02-15 11:20:54 +01:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
outputs:
|
|
|
|
installerURL: ${{ steps.prepare-installer.outputs.installerURL }}
|
|
|
|
steps:
|
2022-04-13 14:10:29 +02:00
|
|
|
- uses: actions/checkout@v3
|
2021-02-15 11:20:54 +01:00
|
|
|
with:
|
|
|
|
fetch-depth: 0
|
2021-02-25 23:12:51 +01:00
|
|
|
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
|
2023-06-17 15:05:10 +02:00
|
|
|
- uses: cachix/install-nix-action@v22
|
2023-03-01 01:19:11 +01:00
|
|
|
with:
|
|
|
|
install_url: https://releases.nixos.org/nix/nix-2.13.3/install
|
2022-10-31 23:08:02 +01:00
|
|
|
- uses: cachix/cachix-action@v12
|
2021-02-15 11:20:54 +01:00
|
|
|
with:
|
|
|
|
name: '${{ env.CACHIX_NAME }}'
|
|
|
|
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
|
2021-02-25 23:12:51 +01:00
|
|
|
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
2021-02-15 11:20:54 +01:00
|
|
|
- id: prepare-installer
|
|
|
|
run: scripts/prepare-installer-for-github-actions
|
2021-10-29 14:38:55 +02:00
|
|
|
|
2021-02-15 11:20:54 +01:00
|
|
|
installer_test:
|
2022-08-29 14:17:06 +02:00
|
|
|
needs: [installer, check_secrets]
|
|
|
|
if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true'
|
2021-02-15 11:20:54 +01:00
|
|
|
strategy:
|
2023-06-17 15:05:10 +02:00
|
|
|
fail-fast: false
|
2021-02-15 11:20:54 +01:00
|
|
|
matrix:
|
|
|
|
os: [ubuntu-latest, macos-latest]
|
|
|
|
runs-on: ${{ matrix.os }}
|
|
|
|
steps:
|
2022-04-13 14:10:29 +02:00
|
|
|
- uses: actions/checkout@v3
|
2021-02-25 23:12:51 +01:00
|
|
|
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
|
2023-06-17 15:05:10 +02:00
|
|
|
- uses: cachix/install-nix-action@v22
|
2021-02-15 11:20:54 +01:00
|
|
|
with:
|
|
|
|
install_url: '${{needs.installer.outputs.installerURL}}'
|
2021-02-25 23:12:51 +01:00
|
|
|
install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
|
2022-09-12 18:46:06 +02:00
|
|
|
- run: sudo apt install fish zsh
|
|
|
|
if: matrix.os == 'ubuntu-latest'
|
|
|
|
- run: brew install fish
|
|
|
|
if: matrix.os == 'macos-latest'
|
|
|
|
- run: exec bash -c "nix-instantiate -E 'builtins.currentTime' --eval"
|
|
|
|
- run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval"
|
|
|
|
- run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval"
|
|
|
|
- run: exec fish -c "nix-instantiate -E 'builtins.currentTime' --eval"
|
2023-03-20 10:24:29 +01:00
|
|
|
- run: exec bash -c "nix-channel --add https://releases.nixos.org/nixos/unstable/nixos-23.05pre466020.60c1d71f2ba nixpkgs"
|
|
|
|
- run: exec bash -c "nix-channel --update && nix-env -iA nixpkgs.hello && hello"
|
2021-12-21 22:42:47 +01:00
|
|
|
|
|
|
|
docker_push_image:
|
2022-08-29 14:17:06 +02:00
|
|
|
needs: [check_secrets, tests]
|
2021-12-21 22:42:47 +01:00
|
|
|
if: >-
|
|
|
|
github.event_name == 'push' &&
|
|
|
|
github.ref_name == 'master' &&
|
2022-08-29 14:17:06 +02:00
|
|
|
needs.check_secrets.outputs.cachix == 'true' &&
|
|
|
|
needs.check_secrets.outputs.docker == 'true'
|
2021-12-21 22:42:47 +01:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
2022-04-13 14:10:29 +02:00
|
|
|
- uses: actions/checkout@v3
|
2021-12-21 22:42:47 +01:00
|
|
|
with:
|
|
|
|
fetch-depth: 0
|
2023-06-17 15:05:10 +02:00
|
|
|
- uses: cachix/install-nix-action@v22
|
2023-03-01 01:19:11 +01:00
|
|
|
with:
|
|
|
|
install_url: https://releases.nixos.org/nix/nix-2.13.3/install
|
2021-12-21 22:42:47 +01:00
|
|
|
- run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
|
2022-06-10 12:09:09 +02:00
|
|
|
- run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV
|
2022-10-31 23:08:02 +01:00
|
|
|
- uses: cachix/cachix-action@v12
|
2022-08-29 14:17:06 +02:00
|
|
|
if: needs.check_secrets.outputs.cachix == 'true'
|
2021-12-21 22:42:47 +01:00
|
|
|
with:
|
|
|
|
name: '${{ env.CACHIX_NAME }}'
|
|
|
|
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
|
|
|
|
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
|
2022-01-26 14:31:23 +01:00
|
|
|
- run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L
|
2021-12-21 22:42:47 +01:00
|
|
|
- run: docker load -i ./result/image.tar.gz
|
|
|
|
- run: docker tag nix:$NIX_VERSION nixos/nix:$NIX_VERSION
|
2022-01-21 14:40:34 +01:00
|
|
|
- run: docker tag nix:$NIX_VERSION nixos/nix:master
|
2021-12-21 22:42:47 +01:00
|
|
|
- name: Login to Docker Hub
|
2022-05-10 00:01:15 +02:00
|
|
|
uses: docker/login-action@v2
|
2021-12-21 22:42:47 +01:00
|
|
|
with:
|
|
|
|
username: ${{ secrets.DOCKERHUB_USERNAME }}
|
|
|
|
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
|
|
|
- run: docker push nixos/nix:$NIX_VERSION
|
2022-01-21 14:40:34 +01:00
|
|
|
- run: docker push nixos/nix:master
|