diff --git a/src/local/flake.lock b/src/local/flake.lock index 06918637..47899c9a 100644 --- a/src/local/flake.lock +++ b/src/local/flake.lock @@ -521,12 +521,12 @@ }, "locked": { "lastModified": 0, - "narHash": "sha256-P8wX0cwA44kTtRAJXZKh43REyDEyaVAYf7LiMYRMN/4=", - "path": "/nix/store/sqvj1h3bkkcyinp1znwwz55hfffg01zn-source", + "narHash": "sha256-jpuAx/vm+oqSCKQtpUeg6nkVRVi/QwHYWYCqC9lHCh0=", + "path": "/nix/store/70wr5a1zx57yvbwzjlp3zf1hqwzjrih0-source", "type": "path" }, "original": { - "path": "/nix/store/sqvj1h3bkkcyinp1znwwz55hfffg01zn-source", + "path": "/nix/store/70wr5a1zx57yvbwzjlp3zf1hqwzjrih0-source", "type": "path" } }, diff --git a/src/std/templates/microservice-aws-github/flake.nix b/src/std/templates/microservice-aws-github/flake.nix index 4a2082a1..2bba75e7 100644 --- a/src/std/templates/microservice-aws-github/flake.nix +++ b/src/std/templates/microservice-aws-github/flake.nix @@ -11,6 +11,8 @@ (runnables "operables") (containers "oci-images" {ci.publish = true;}) (kubectl "deployments" {ci.apply = true;}) + # For rendering the Github Action CI/CD + (nixago "action") ]; }; @@ -20,7 +22,11 @@ std.url = "github:divnix/std"; std.inputs.nixpkgs.follows = "nixpkgs"; std.inputs.n2c.follows = "n2c"; + std.inputs.nixago.follows = "nixago"; n2c.url = "github:nlewo/nix2container"; - n2c.inputs.nixpkgs.follows = "std/nixpkgs"; + n2c.inputs.nixpkgs.follows = "nixpkgs"; + nixago.url = "github:nix-community/nixago"; + nixago.inputs.nixpkgs.follows = "nixpkgs"; + nixago.inputs.nixago-exts.follows = ""; }; } diff --git a/src/std/templates/microservice-aws-github/ops/github/action.nix b/src/std/templates/microservice-aws-github/ops/github/action.nix index 95584751..451aa0fe 100644 --- a/src/std/templates/microservice-aws-github/ops/github/action.nix +++ b/src/std/templates/microservice-aws-github/ops/github/action.nix @@ -2,11 +2,14 @@ let inherit (inputs.nixpkgs) lib; inherit (inputs.std.lib) dev; - renderFile = (import ./action/template.nix) lib args; + template = (import ./action/template.nix) lib; in { + inherit template; ci = dev.mkNixago { output = ".github/workflows/ci-cd.yaml"; - data = renderFile { + format = "yaml"; + hook.mode = "copy"; + data = template { default_branch = "main"; platform = "aws"; # gc, azure, digitalocean # set up with nixbuild.net to speed up builds diff --git a/src/std/templates/microservice-aws-github/ops/github/action/template.nix b/src/std/templates/microservice-aws-github/ops/github/action/template.nix index d57e1415..b5f93545 100644 --- a/src/std/templates/microservice-aws-github/ops/github/action/template.nix +++ b/src/std/templates/microservice-aws-github/ops/github/action/template.nix @@ -25,7 +25,7 @@ lib: { steps = [] # account is part of ecr url, thus part of `hits` output and needs to pass so we can't mask it - ++ lib.optionals (platform == "aws") [lib.recursiveUpdate aws.credentials {mask-aws-account-id = false;}] + ++ lib.optionals (platform == "aws") [(lib.recursiveUpdate aws.credentials {mask-aws-account-id = false;})] ++ lib.optionals (platform == "aws") [aws.ecr] ++ lib.optionals (!withPersistentDiscovery) [installNixAction] ++ lib.optionals withNixbuild [useNixbuildAction] diff --git a/src/tests/flake.lock b/src/tests/flake.lock index 5cdb4795..b84e961f 100644 --- a/src/tests/flake.lock +++ b/src/tests/flake.lock @@ -532,12 +532,12 @@ }, "locked": { "lastModified": 0, - "narHash": "sha256-y6gvjTNZwSWgdizPXeTMYZiufPZlJ0C7FKKdsWOOy9E=", - "path": "/nix/store/j3s0dsddfl7z7whywpxh7ax9g1kas8yf-source", + "narHash": "sha256-6yOjWIFys3dbqmrCOu5277ywyBeuZOTq9BfpXeA+HWI=", + "path": "/nix/store/27d3lsjjqmwgak6yhmy7g3cq4hn96zl7-source", "type": "path" }, "original": { - "path": "/nix/store/j3s0dsddfl7z7whywpxh7ax9g1kas8yf-source", + "path": "/nix/store/27d3lsjjqmwgak6yhmy7g3cq4hn96zl7-source", "type": "path" } },