From db6ccfa35564f2e60bc23052e5ebcf15df2da5b7 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 15 Apr 2024 13:58:32 -0300 Subject: [PATCH 1/3] Use matrix build for artifacts --- .github/workflows/build.yml | 90 +++++++++++-------------------------- 1 file changed, 27 insertions(+), 63 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6687d2cc..23291c27 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -7,79 +7,43 @@ on: branches: [main] jobs: - build-artifacts-ARM64-macOS: - runs-on: macos-latest-xlarge + build-artifacts: + runs-on: ${{ matrix.systems.runner }} + strategy: + matrix: + systems: + - nix-system: "aarch64-darwin" + runner: "macos-latest-xlarge" + artifact: "fh-ARM64-macOS" + - nix-system: "x86_64-darwin" + runner: "macos-12" + artifact: "fh-X64-macOS" + - nix-system: "aarch64-linux" + runner: "namespace-profile-default-arm64" + artifact: "fh-X64-Linux" + - nix-system: "x86_64-linux" + runner: "ubuntu-22.04" + artifact: "fh-ARM64-linux" steps: - - uses: actions/checkout@v3 + - name: git checkout + uses: actions/checkout@v4 - - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main - - name: Build package - run: | - nix build .# -L - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 - with: - name: fh-ARM64-macOS - path: result/bin/fh - retention-days: 1 - - build-artifacts-X64-macOS: - runs-on: macos-12 - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main - - - name: Build package - run: | - nix build .# -L - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 + - name: Set up Nix cache + uses: DeterminateSystems/magic-nix-cache-action@main with: - name: fh-X64-macOS - path: result/bin/fh - retention-days: 1 - - build-artifacts-X64-Linux: - runs-on: UbuntuLatest32Cores128G - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main - - - name: Build package - run: | - nix build .# -L - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 - with: - name: fh-X64-Linux - path: result/bin/fh - retention-days: 1 - - build-artifacts-ARM64-Linux: - runs-on: namespace-profile-default-arm64 - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main + use-flakehub: true - - name: Build package + - name: Build package for ${{ matrix.systems.nix-system }} run: | - nix build .# -L + nix build -L ".#packages.${{ matrix.systems.nix-system }}.default" - name: Upload a Build Artifact uses: actions/upload-artifact@v3.1.2 with: # Artifact name - name: fh-ARM64-Linux + name: ${{ matrix.systems.artifact }} path: result/bin/fh retention-days: 1 From 5f61c12664b2e7f2d8ca63f58dfd0906916e9dd9 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Mon, 15 Apr 2024 14:05:00 -0300 Subject: [PATCH 2/3] Build on workflow dispatch --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 23291c27..3f3add57 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,6 +2,7 @@ name: Build fh artifacts on: workflow_call: + workflow_dispatch: pull_request: push: branches: [main] From d871bec8d33d86e616124308bdc11b3e5aad03bd Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Fri, 19 Apr 2024 11:44:24 -0300 Subject: [PATCH 3/3] Add property Actions permissions --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3f3add57..6cb4aa37 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,6 +10,9 @@ on: jobs: build-artifacts: runs-on: ${{ matrix.systems.runner }} + permissions: + id-token: "write" + contents: "read" strategy: matrix: systems: