From d90b41486e9330fb4b568c619beadaf6825dc464 Mon Sep 17 00:00:00 2001 From: duvetfall Date: Sun, 9 Jun 2024 14:33:37 +0300 Subject: [PATCH] refactor: GitHub Actions --- .github/workflows/build.yml | 75 ----------------- .github/workflows/nix-github-actions.yml | 61 ++++++++++++++ flake.lock | 70 +++++++++++----- flake.nix | 100 ++++++++++++++++------- 4 files changed, 181 insertions(+), 125 deletions(-) delete mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/nix-github-actions.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index fd79c9b..0000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,75 +0,0 @@ -name: "Build and populate cache" -on: - pull_request: - push: - branches: - - main - - master - schedule: - # rebuild everyday at 1:20 UTC - # TIP: Choose a random time here so not all repositories are build at once: - # https://www.random.org/clock-times/?num=1&earliest=01%3A00&latest=08%3A00&interval=5&format=html&rnd=new - - cron: '20 1 * * *' -jobs: - tests: - strategy: - matrix: - # Set this to notify the global nur package registry that changes are - # available. - # - # The repo name as used in - # https://github.com/nix-community/NUR/blob/master/repos.json - nurRepo: - - mur - # Set this to cache your build results in cachix for faster builds - # in CI and for everyone who uses your cache. - # - # Format: Your cachix cache host name without the ".cachix.org" suffix. - # Example: mycache (for mycache.cachix.org) - # - # For this to work, you also need to set the CACHIX_SIGNING_KEY or - # CACHIX_AUTH_TOKEN secret in your repository secrets settings in - # Github found at - # https://github.com//nur-packages/settings/secrets - cachixName: - - mur - nixPath: - - nixpkgs=channel:nixos-unstable - - nixpkgs=channel:nixpkgs-unstable - - nixpkgs=channel:nixos-23.11 - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Install nix - uses: cachix/install-nix-action@V27 - with: - nix_path: "${{ matrix.nixPath }}" - extra_nix_config: | - experimental-features = nix-command flakes - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - - name: Show nixpkgs version - run: nix-instantiate --eval -E '(import {}).lib.version' - - name: Setup cachix - uses: cachix/cachix-action@v15 - # Don't replace here! - if: ${{ matrix.cachixName != '' }} - with: - name: ${{ matrix.cachixName }} - signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}' - authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' - - name: Check evaluation - run: | - nix-env -f . -qa \* --meta --xml \ - --allowed-uris https://static.rust-lang.org \ - --option restrict-eval true \ - --option allow-import-from-derivation true \ - --drv-path --show-trace \ - -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \ - -I $PWD - - name: Build nix packages - run: nix shell -f '' nix-build-uncached -c nix-build-uncached ci.nix -A cacheOutputs - - name: Trigger NUR update - # Don't replace here! - if: ${{ matrix.nurRepo != '' }} - run: curl -XPOST "https://nur-update.nix-community.org/update?repo=${{ matrix.nurRepo }}" diff --git a/.github/workflows/nix-github-actions.yml b/.github/workflows/nix-github-actions.yml new file mode 100644 index 0000000..cfe5e0b --- /dev/null +++ b/.github/workflows/nix-github-actions.yml @@ -0,0 +1,61 @@ +name: Nix Flake actions + +on: + pull_request: + push: + branches: + - master + - main + +jobs: + + check-eval: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Install nix + uses: cachix/install-nix-action@v27 + with: + extra_nix_config: | + experimental-features = nix-command flakes + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + - name: Show nixpkgs version + run: nix-instantiate --eval -E '(import {}).lib.version' + - name: Check evaluation + run: | + nix-env -f . -qa \* --meta --xml \ + --allowed-uris https://static.rust-lang.org \ + --option restrict-eval true \ + --option allow-import-from-derivation true \ + --drv-path --show-trace \ + -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \ + -I $PWD + + nix-matrix: + needs: check-eval + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v27 + - id: set-matrix + name: Generate Nix Matrix + run: | + set -Eeu + matrix="$(nix eval --json '.#githubActions.matrix')" + echo "matrix=$matrix" >> "$GITHUB_OUTPUT" + + nix-build: + needs: nix-matrix + runs-on: ${{ matrix.os }} + strategy: + matrix: ${{fromJSON(needs.nix-matrix.outputs.matrix)}} + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v27 + - name: Build "${{ matrix.attr }}" + - run: nix build -L ".#${{ matrix.attr }}" + - name: Trigger NUR update + - run: curl -XPOST "https://nur-update.nix-community.org/update?repo=mur" diff --git a/flake.lock b/flake.lock index 073a34d..79f7e8d 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1712014858, - "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "lastModified": 1717285511, + "narHash": "sha256-iKzJcpdXih14qYVcZ9QC9XuZYnPc6T8YImb6dX166kw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "rev": "2a55567fcf15b1b1c7ed712a2c6fadaec7412ea8", "type": "github" }, "original": { @@ -18,44 +18,76 @@ "type": "github" } }, - "nixpkgs": { + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, "locked": { - "lastModified": 1714562304, - "narHash": "sha256-Mr3U37Rh6tH0FbaDFu0aZDwk9mPAe7ASaqDOGgLqqLU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "bcd44e224fd68ce7d269b4f44d24c2220fd821e7", + "lastModified": 1703863825, + "narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "5163432afc817cf8bd1f031418d1869e4c9d5547", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", + "owner": "nix-community", + "repo": "nix-github-actions", "type": "github" } }, - "nixpkgs-lib": { + "nixpkgs": { "locked": { - "dir": "lib", - "lastModified": 1711703276, - "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", + "lastModified": 1717786204, + "narHash": "sha256-4q0s6m0GUcN7q+Y2DqD27iLvbcd1G50T2lv08kKxkSI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", + "rev": "051f920625ab5aabe37c920346e3e69d7d34400e", "type": "github" }, "original": { - "dir": "lib", "owner": "NixOS", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, + "nixpkgs-lib": { + "locked": { + "lastModified": 1717284937, + "narHash": "sha256-lIbdfCsf8LMFloheeE6N31+BMIeixqyQWbSr2vk79EQ=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/eb9ceca17df2ea50a250b6b27f7bf6ab0186f198.tar.gz" + } + }, "root": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs" + "nix-github-actions": "nix-github-actions", + "nixpkgs": "nixpkgs", + "stable": "stable" + } + }, + "stable": { + "locked": { + "lastModified": 1717696253, + "narHash": "sha256-1+ua0ggXlYYPLTmMl3YeYYsBXDSCqT+Gw3u6l4gvMhA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 4a43bd4..671b5bb 100644 --- a/flake.nix +++ b/flake.nix @@ -7,45 +7,83 @@ }; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + stable.url = "github:NixOS/nixpkgs/nixos-24.05"; flake-parts.url = "github:hercules-ci/flake-parts"; + + nix-github-actions = { + url = "github:nix-community/nix-github-actions"; + inputs.nixpkgs.follows = "nixpkgs"; + }; }; - outputs = inputs@{ flake-parts, ... }: + outputs = + inputs@{ self, flake-parts, ... }: let overlays = final: prev: import ./overlay.nix final prev; + lib = inputs.nixpkgs.lib; in - flake-parts.lib.mkFlake { inherit inputs; } - { - flake = { + flake-parts.lib.mkFlake { inherit inputs; } { + + flake = + + { overlays.default = overlays; + githubActions = + let + filterPackages = + pkgs: + lib.filterAttrs ( + name: pkg: + !(pkg.meta.broken or false) && (pkg.meta.license.free or true) && !(pkg.preferLocalBuild or false) + ) pkgs; + cacheablePkgs = { + # aarch64-linux = filterPackages self.packages.aarch64-linux; # FIX: + # x86_64-darwin = filterPackages self.packages.x86_64-darwin; + x86_64-linux = filterPackages self.packages.x86_64-linux; + }; + in + inputs.nix-github-actions.lib.mkGithubMatrix { checks = cacheablePkgs; }; }; - systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ]; - perSystem = { config, self', inputs', pkgs, system, lib, ... }: - let - mur = import ./default.nix { inherit pkgs; }; - packages = lib.filterAttrs (_: v: lib.isDerivation v) mur; - list-repo = pkgs.callPackage ./list-repo.nix { inherit pkgs packages overlays; }; # the binary is called "mur" - in - { - legacyPackages = mur; - packages = packages // { - default = list-repo; - }; - - devShells.default = pkgs.mkShell { - buildInputs = [ - # Package that creates env with all packages. Pretty self-explanatory. - pkgs.buildEnv - { - name = "mur"; - paths = (builtins.attrValues packages) ++ - [ list-repo ]; - } - ]; - }; + systems = [ + "x86_64-linux" + "aarch64-linux" + "aarch64-darwin" + "x86_64-darwin" + ]; + perSystem = + { + config, + self', + inputs', + pkgs, + system, + lib, + ... + }: + let + mur = import ./default.nix { inherit pkgs; }; + packages = lib.filterAttrs (_: v: lib.isDerivation v) mur; + list-repo = pkgs.callPackage ./list-repo.nix { inherit pkgs packages overlays; }; # the binary is called "mur" + in + { + legacyPackages = mur; + + packages = packages // { + default = list-repo; }; - }; -} + devShells.default = pkgs.mkShell { + buildInputs = [ + # Package that creates env with all packages. Pretty self-explanatory. + pkgs.buildEnv + { + name = "mur"; + paths = (builtins.attrValues packages) ++ [ list-repo ]; + } + ]; + }; + }; + }; +}