haskell-with-nixpkgs/.github/workflows/Optional-Nix-dev-env-main.yml at master · haskell-nix/haskell-with-nixpkgs · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
name: "Nixpkgs, Linux, main"

# When to trigger builds
on:
  # On Git changes in PR
  pull_request:
  # On Git changes of the master
  push:
    branches:
      - master
  schedule:
    # Every day at 03:45
    - cron: "45 03 * * *"


env:
  ###
  ### NOTE: Table example of the provided build configuration keys
  ### Infrastructure uses `build.sh` API, which uses `default.nix` API, which exposes the almost literal Nixpkgs Haskell Lib API wich was abstracted for use outside of Nix language.
  ###
  ### Documentation of this settings is mosly in `default.nix`, since most settings is Nixpkgs related
  ### and the other part of keys explained in `build.sh`, since those address external procedures aound the builds.
  ### Additional documentation is in Nixpkgs Haskell.lib: https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/lib.nix
  ###
  # nixos-unstable is a nixpkgs-upstable that passed a number of upstream CI and quality checks, it is essentially a current branch while also receives stable updates fitting for our CI checkups with current Nixpkgs.
  # Note that Nix nature is purely functional lazy language, it is referentially transparent, reproducible (deterministic) builds, that means that just as in the type system - any the Nix build failures properly cascade through the Nixpkgs tree graph branch, so particular `master` broken checkouts would properly refuse/would not be able to build parts of Nixpkgs tree graph. So the Nix builds are pretty brittle, do not be ashamed to make Nixpkgs builds optional (`continue-on-error: true`), or set them to the latest stable NixOS Nixpkgs release.
  rev: "nixos-unstable"
  # Project Cachix account
  cachixAccount: "haskell-with-nixpkgs"
  CACHIX_SIGNING_KEY: "${{ secrets.CACHIX_SIGNING_KEY }}"
  allowInconsistentDependencies: "false"
  doJailbreak: "false"
  doCheck: "true"
  sdistTarball: "false"
  buildFromSdist: "false"
  buildStrictly: "false"
  failOnAllWarnings: "false"
  enableDeadCodeElimination: "false"
  disableOptimization: "true"
  linkWithGold: "true"
  enableLibraryProfiling: "false"
  enableExecutableProfiling: "false"
  doTracing: "false"
  enableDWARFDebugging: "false"
  doStrip: "false"
  enableSharedLibraries: "true"
  enableStaticLibraries: "false"
  enableSharedExecutables: "false"
  justStaticExecutables: "false"
  enableSeparateBinOutput: "false"
  checkUnusedPackages: "false"
  doHaddock: "false"
  doHyperlinkSource: "false"
  doCoverage: "false"
  doBenchmark: "false"
  generateOptparseApplicativeCompletions: "false"
  executableNamesToShellComplete: '[ "replaceWithExecutableName" ]'


jobs:

  # NOTE: Basic example
  build10:
    name: "NixOS-unstable channel, default GHC (8.8)"
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
    - name: "Git checkout"
      uses: actions/checkout@v2
    - name: "Install Nix"
      uses: cachix/install-nix-action@v12
      with:
        nix_path: "nixpkgs=channel:${{ env.rev }}"
    - name: "Install Cachix"
      uses: cachix/cachix-action@v8
      with:
        name: "${{ env.cachixAccount }}"
        signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
    - name: "Determined Nix-build"
      run: ./build.sh

  build50:
    name: "NixOS-unstable channel, GHC 8.6.5"
    runs-on: ubuntu-latest
    continue-on-error: true
    env:
      compiler: "ghc865"
    steps:
    - name: "Git checkout"
      uses: actions/checkout@v2
    - name: "Install Nix"
      uses: cachix/install-nix-action@v12
      with:
        nix_path: "nixpkgs=channel:${{ env.rev }}"
    - name: "Install Cachix"
      uses: cachix/cachix-action@v8
      with:
        name: "${{ env.cachixAccount }}"
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
    - name: "Determined Nix-build"
      run: ./build.sh

  # NOTE: Example of customization using Nixpkgs Haskell Lib API
  build20:
    name: "Release-quality test, SDist, Optimizations, Benchmark, Haddock, GHC 8.10.1"
    runs-on: ubuntu-latest
    continue-on-error: true
    # Matrix of builds for multiple subprojects in a monorepo
    strategy:
      matrix:
        packageRoots: [ ./ ]
    steps:
    - name: "Git checkout"
      uses: actions/checkout@v2
    - name: "Install Nix"
      uses: cachix/install-nix-action@v12
      with:
        nix_path: "nixpkgs=channel:${{ env.rev }}"
    - name: "Install Cachix"
      uses: cachix/cachix-action@v8
      with:
        name: "${{ env.cachixAccount }}"
        signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
    - name: "Determined Nix-build"
      env:
        compiler: "ghc8101"
        buildFromSdist: "true"
        linkWithGold: "true"
        doHaddock: "true"
        doHyperlinkSource: "true"
        disableOptimization: "false"
        enableDeadCodeElimination: "true"
        doBenchmark: "true"
        generateOptparseApplicativeCompletions: "false"
        # packageRoot for CI builds can be just a paths, since CI uses remote Git repo that is already filtered with local .gitignore's
        packageRoot: "${{ matrix.packageRoots }}"
      run: ./build.sh


  # NOTE: Build on latest stable NixOS release
  build30:
    name: "NixOS 20.03 stable channel, default GHC (8.8)"
    runs-on: ubuntu-latest
    continue-on-error: true
    env:
      rev: "nixos-20.03"
    steps:
    - name: "Git checkout"
      uses: actions/checkout@v2
    - name: "Install Nix"
      uses: cachix/install-nix-action@v12
      with:
        nix_path: "nixpkgs=channel:${{ env.rev }}"
    - name: "Install Cachix"
      uses: cachix/cachix-action@v8
      with:
        name: "${{ env.cachixAccount }}"
        signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
    - name: "Determined Nix-build"
      run: ./build.sh


  # NOTE: This would additionally test that the Nix shell customization of the project works.
  # By default *this setup provides local hoogle and generates database of the documetation for the project and its dependencies
  build40:
    name: "Nix-shell & supplied locall project Hoogle DB"
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
    - name: "Git checkout"
      uses: actions/checkout@v2
    - name: "Install Nix"
      uses: cachix/install-nix-action@v12
      with:
        nix_path: "nixpkgs=channel:${{ env.rev }}"
    - name: "Install Cachix"
      uses: cachix/cachix-action@v8
      with:
        name: "${{ env.cachixAccount }}"
        signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
    - name: "Nix-shell"
      run: nix-shell --pure --command 'echo "Evaluated, loaded and entered $IN_NIX_SHELL Nix shell env."'
    - name: "Local Hoogle DB for the project development and tooling"
      run: nix-shell --pure --command 'hoogle True'


  # Other samples of tests used in the project see in the directory