diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml new file mode 100644 index 000000000..6a419a9e8 --- /dev/null +++ b/.github/workflows/nix.yml @@ -0,0 +1,34 @@ +name: Build and cache with Nix + +on: + workflow_dispatch: + push: + +jobs: + build-and-cache: + runs-on: ${{ matrix.os }} + strategy: + matrix: + os: [ubuntu-latest, macos-latest] + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up Nix with caching + uses: kadena-io/setup-nix-with-cache@v1 + with: + cache_url: s3://nixcache.chainweb.com?region=us-east-1 + signing_private_key: ${{ secrets.NIX_CACHE_PRIVATE_KEY }} + + - name: Set up AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.NIX_CACHE_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.NIX_CACHE_AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Build and cache artifacts + timeout-minutes: 740 + run: | + echo Building the default package and its devShell + nix build .#check diff --git a/flake.nix b/flake.nix index 9423c77f9..fd0413a1d 100644 --- a/flake.nix +++ b/flake.nix @@ -41,17 +41,19 @@ }; }) ]; - in flake // { + # This package depends on other packages at buildtime, but its output does not + # depend on them. This way, we don't have to download the entire closure to verify + # that those packages build. + mkCheck = name: package: pkgs.runCommand ("check-"+name) {} '' + echo ${name}: ${package} + echo works > $out + ''; + in flake // rec { packages.default = flake.packages."pact:exe:pact"; - - devShell = pkgs.haskellPackages.shellFor { - buildInputs = with pkgs.haskellPackages; [ - cabal-install - haskell-language-server - # hlint - ]; - - withHoogle = true; - }; + packages.check = pkgs.runCommand "check" {} '' + echo ${mkCheck "pact" packages.default} + echo ${mkCheck "devShell" flake.devShell} + echo works > $out + ''; }); }