This repository has been archived by the owner on Dec 4, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
190 lines (167 loc) · 6.62 KB
/
test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
# ============================================================================ #
#
# Build `pkgdb' and run its test suite.
#
# TODO:
# - Avoid `make bin' by using `nix build' outputs with test suite.
# - Avoid pushing the full `nix' store by pushing a list of store paths at the
# start of the job and comparing it with the list of store paths at the end
# of the job.
# See `github:flox/install-flox-action' for an example.
#
#
# ---------------------------------------------------------------------------- #
name: Test
on:
# No need to run on `main` since we have `merge_group' and `pull_request'.
workflow_dispatch:
pull_request:
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
all-tests:
name: Tests ${{ matrix.os }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v3
- uses: cachix/install-nix-action@v22
with:
extra_nix_config: |
experimental-features = nix-command flakes
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
substituters = https://cache.nixos.org https://cache.floxdev.com
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= flox-store-public-0:8c/B+kjIaQ+BloCmNkRUKwaVPFWkriSAd0JJvuDu4F0=
max-jobs = auto
cores = 0
substitute = true
builders-use-substitutes = true
fallback = true
connect-timeout = 5
stalled-download-timeout = 90
timeout = 0
- name: Setup AWS Cache Keys
run: |
echo '${{ secrets.FLOX_STORE_PUBLIC_NIX_SECRET_KEY }}' \
> /tmp/secret-key
{
printf 'extra-substituters = s3://flox-store';
printf '?secret-key=/tmp/secret-key&write-nar-listing=1';
echo '&ls-compression=br';
printf 'extra-trusted-public-keys = ';
echo "${{ secrets.FLOX_STORE_PUBLIC_NIX_SECRET_KEY }}" \
|nix key convert-secret-to-public;
}|sudo tee -a /etc/nix/nix.conf >/dev/null
- name: Nix AWS Setup
run: |
if [[ "$RUNNER_OS" == 'Linux' ]]; then
SERVICE_D='/etc/systemd/system/nix-daemon.service.d';
sudo mkdir -p "$SERVICE_D";
{
echo '[Service]';
printf 'Environment=AWS_ACCESS_KEY_ID=';
echo '${{ secrets.AWS_ACCESS_KEY_ID }}';
printf 'Environment=AWS_SECRET_ACCESS_KEY=';
echo '${{ secrets.AWS_SECRET_ACCESS_KEY }}';
}|sudo tee -a "$SERVICE_D/aws-credentials.conf" >/dev/null;
elif [[ "$RUNNER_OS" == 'macOS' ]]; then
sudo plutil \
-insert EnvironmentVariables.AWS_SECRET_ACCESS_KEY \
-string "${{ secrets.AWS_SECRET_ACCESS_KEY }}" \
/Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo plutil \
-insert EnvironmentVariables.AWS_ACCESS_KEY_ID \
-string "${{ secrets.AWS_ACCESS_KEY_ID }}" \
/Library/LaunchDaemons/org.nixos.nix-daemon.plist
fi
- name: Restart Nix Daemon
run: |
if [[ "$RUNNER_OS" == 'Linux' ]]; then
sudo systemctl daemon-reload;
sudo systemctl restart nix-daemon.service;
elif [[ "$RUNNER_OS" == 'macOS' ]]; then
# double kick does the trick
sudo launchctl unload /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo launchctl load /Library/LaunchDaemons/org.nixos.nix-daemon.plist
sudo launchctl kickstart -k system/org.nixos.nix-daemon;
sudo launchctl kickstart -k system/org.nixos.nix-daemon;
else
echo "Unsupported OS: $RUNNER_OS";
exit 1;
fi
- name: Restore Nix Caches
id: nix-cache-restore
uses: actions/cache/restore@v3
with:
path: |
~/.cache/nix
key: ${{ runner.os }}-nix-cache
# This is performed to reduce cpu/memory overhead in tests later.
# NOTE: Ensure this `rev' is aligned with `<pkgdb>/tests/setup_suite.bats'
- name: Warm Nix Eval Caches
run: |
set -eu;
set -o pipefail;
rev="e8039594435c68eb4f780f3e9bf3972a7399c4b1"
echo "Priming Eval Cache: nixpkgs/$rev" >&2;
NIX_SYSTEM="$(
nix eval --raw --impure --expr builtins.currentSystem;
)";
nix flake show --legacy "github:NixOS/nixpkgs/$rev" \
--system "$NIX_SYSTEM" >/dev/null;
- name: Nix Flake Check
run: nix flake check
- name: Setup
run: |
echo 'Runner Version' >&2;
{ printf ' bash version: '; bash --version|head -n1; } >&2;
{ printf ' nix version: '; nix --version; } >&2;
NO_WELCOME=: nix develop '.#ci' --no-update-lock-file \
--command sh -c '
echo "";
echo "Development Environment Versions";
printf " nix version: "; nix --version;
printf " CXX version: "; $CXX --version|head -n1;
' >&2;
- name: Run Build
run: nix develop '.#ci' --no-update-lock-file --command make -j4
- name: Build Tests
run: nix develop '.#ci' --no-update-lock-file --command make tests -j4
- name: Run Tests
run: nix develop '.#ci' --no-update-lock-file --command make check
- name: Run Installed
run: nix run . --no-update-lock-file -- --help
- name: Push Nix Store Contents
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
run: nix copy --all --to 's3://flox-store?secret-key=/tmp/secret-key&write-nar-listing=1&ls-compression=br';
- name: Save Nix Caches
id: nix-cache-save
uses: actions/cache/save@v3
with:
path: |
~/.cache/nix
key: ${{ steps.nix-cache-restore.outputs.cache-primary-key }}
# Aggregate test results
all-tests-success:
if: ${{ always() }}
runs-on: ubuntu-latest
name: Tests ( All Systems )
needs: all-tests
steps:
- if: >-
${{
contains( needs.*.result, 'failure' ) ||
contains( needs.*.result, 'cancelled' )
}}
run: exit 1
# ---------------------------------------------------------------------------- #
#
#
#
# ============================================================================ #