Skip to content

ci: improve pipeline #472

ci: improve pipeline

ci: improve pipeline #472

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
changes:
name: Changes
runs-on: ubuntu-latest
outputs:
nixos-configuration: ${{ steps.changes.outputs.nixos-configuration }}
home-configuration: ${{ steps.changes.outputs.home-configuration }}
installer-yubikey: ${{ steps.changes.outputs.installer-yubikey }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Path filters
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3
id: changes
with:
filters: |
nixos-configuration:
- flake.nix
- flake.lock
- 'configurations/nixos/**'
- 'modules/nixos/**'
- 'modules/home/**'
home-configuration:
- flake.nix
- flake.lock
- 'configurations/home/**'
- 'modules/home/**'
installer-yubikey:
- flake.nix
- flake.lock
- 'configurations/nixos/installer-yubikey/**'
- 'packages/drduh-gpg-conf/**'
- 'packages/drduh-yubikey-guide/**'
check:
name: Check
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
with:
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
extra-conf: |
max-jobs = auto
- name: Nix cache (cachix)
uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
with:
useDaemon: true
name: terlar
extraPullNames: cuda-maintainers
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Run check
run: nix flake check
build-home-configuration:
name: Build home configuration
needs: changes
if: ${{ needs.changes.outputs.home-configuration == 'true' }}
strategy:
matrix:
include:
- username: terje
os: ubuntu-latest
runs-on: ${{ matrix.os }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
with:
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
extra-conf: |
max-jobs = auto
- name: Nix cache (cachix)
uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
with:
useDaemon: true
name: terlar
extraPullNames: cuda-maintainers
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Build activation package
run: |
nix build --print-build-logs .#homeConfigurations.${{ matrix.username }}.activationPackage
build-nixos-configuration:
name: Build NixOS configuration
needs: changes
if: ${{ needs.changes.outputs.nixos-configuration == 'true' }}
strategy:
matrix:
host:
- kong
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Free disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
with:
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
extra-conf: |
max-jobs = auto
- name: Nix cache (cachix)
uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
with:
useDaemon: true
name: terlar
extraPullNames: cuda-maintainers
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Build system
run: |
nix build --print-build-logs .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel
build-iso:
name: Build ISO
needs: changes
if: ${{ needs.changes.outputs.installer-yubikey == 'true' }}
strategy:
matrix:
name:
- installer-yubikey
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
with:
source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
extra-conf: |
max-jobs = auto
- name: Nix cache (cachix)
uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
with:
useDaemon: true
name: terlar
extraPullNames: cuda-maintainers
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
skipPush: true
- name: Build ISO
run: |
GC_DONT_GC=1 nix build --print-build-logs .#nixosConfigurations.${{ matrix.name }}.config.system.build.isoImage