|
1 | | -name: 'CI' |
| 1 | +name: CI |
2 | 2 |
|
3 | 3 | on: |
4 | | - # Allow this workflow to be reused by other workflows: |
5 | | - workflow_call: |
6 | | - inputs: |
7 | | - do_deploy: |
8 | | - description: 'Deploy to cachix' |
9 | | - type: 'boolean' |
10 | | - default: false |
11 | | - required: false |
12 | | - secrets: |
13 | | - CACHIX_AUTH_TOKEN: |
14 | | - description: 'Cachix auth token' |
15 | | - required: true |
16 | | - CACHIX_ACTIVATE_TOKEN: |
17 | | - description: 'Cachix activate token' |
18 | | - required: false |
19 | | - NIX_GITHUB_TOKEN: |
20 | | - description: GitHub token to add as access-token in nix.conf |
21 | | - required: false |
22 | | - |
23 | 4 | # Allow this workflow to be triggered manually: |
24 | 5 | workflow_dispatch: |
25 | | - inputs: |
26 | | - do_deploy: |
27 | | - description: 'Deploy to cachix' |
28 | | - type: 'boolean' |
29 | | - default: false |
30 | | - required: false |
31 | 6 |
|
32 | | - # Allow this workflow to be triggered in merge |
| 7 | + # Allow this workflow to be run in merge queues: |
33 | 8 | merge_group: |
34 | 9 |
|
35 | | - push: |
| 10 | + # Run this workflow when PRs target `main` and when they're merged in `main`: |
| 11 | + pull_request: |
36 | 12 | branches: |
37 | 13 | - main |
38 | | - pull_request: |
| 14 | + push: |
39 | 15 | branches: |
40 | 16 | - main |
41 | 17 |
|
42 | | -concurrency: |
43 | | - group: ${{ github.workflow }}-${{ github.repository }}-${{ github.event.pull_request.number || github.ref }} |
44 | | - cancel-in-progress: true |
45 | | - |
46 | 18 | jobs: |
47 | | - post-initial-comment: |
48 | | - runs-on: self-hosted |
49 | | - steps: |
50 | | - - name: 'Post initial package status comment' |
51 | | - uses: marocchino/[email protected] |
52 | | - with: |
53 | | - recreate: true |
54 | | - message: | |
55 | | - Thanks for your Pull Request! |
56 | | -
|
57 | | - This comment will be updated automatically with the status of each package. |
58 | | -
|
59 | | - generate-matrix-matrix: |
60 | | - name: Generate Matrix of Matrices |
61 | | - runs-on: self-hosted |
62 | | - steps: |
63 | | - - name: Install Nix |
64 | | - uses: metacraft-labs/nixos-modules/.github/install-nix@main |
65 | | - with: |
66 | | - cachix-cache: ${{ vars.CACHIX_CACHE }} |
67 | | - cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} |
68 | | - trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} |
69 | | - substituters: ${{ vars.SUBSTITUTERS }} |
70 | | - nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} |
71 | | - |
72 | | - - uses: actions/checkout@v4 |
73 | | - |
74 | | - - name: Generate Matrix for Matrix |
75 | | - id: generate-matrix |
76 | | - env: |
77 | | - CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} |
78 | | - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} |
79 | | - MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} |
80 | | - run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl shard_matrix |
81 | | - outputs: |
82 | | - gen_matrix: ${{ steps.generate-matrix.outputs.gen_matrix }} |
83 | | - |
84 | | - generate-matrix: |
85 | | - needs: generate-matrix-matrix |
86 | | - runs-on: self-hosted |
87 | | - strategy: |
88 | | - matrix: ${{fromJSON(needs.generate-matrix-matrix.outputs.gen_matrix)}} |
89 | | - name: Generate Matrix ${{ matrix.digit != -1 && matrix.digit || '' }} |
90 | | - steps: |
91 | | - - name: Install Nix |
92 | | - uses: metacraft-labs/nixos-modules/.github/install-nix@main |
93 | | - with: |
94 | | - cachix-cache: ${{ vars.CACHIX_CACHE }} |
95 | | - cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} |
96 | | - trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} |
97 | | - substituters: ${{ vars.SUBSTITUTERS }} |
98 | | - nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} |
99 | | - |
100 | | - - uses: actions/checkout@v4 |
101 | | - |
102 | | - - name: Generate CI Matrix |
103 | | - id: generate-matrix |
104 | | - shell: bash |
105 | | - env: |
106 | | - IS_INITIAL: 'true' |
107 | | - CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} |
108 | | - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} |
109 | | - FLAKE_PRE: ${{ matrix.prefix }} |
110 | | - FLAKE_POST: ${{ matrix.postfix }} |
111 | | - MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} |
112 | | - run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl ci_matrix |
113 | | - |
114 | | - - uses: actions/upload-artifact@v4 |
115 | | - with: |
116 | | - name: matrix-pre${{ matrix.digit != -1 && format('-{0}', matrix.digit) || '' }} |
117 | | - path: matrix-pre.json |
118 | | - outputs: |
119 | | - matrix: ${{ steps.generate-matrix.outputs.matrix }} |
120 | | - |
121 | | - slurp-matrix: |
122 | | - runs-on: self-hosted |
123 | | - needs: generate-matrix |
124 | | - name: Merge matrices |
125 | | - outputs: |
126 | | - matrix: ${{ steps.matrix.outputs.matrix }} |
127 | | - fullMatrix: ${{ steps.matrix.outputs.fullMatrix }} |
128 | | - steps: |
129 | | - - uses: actions/download-artifact@v4 |
130 | | - - name: Merge matrices |
131 | | - run: | |
132 | | - # Check if jq is installed |
133 | | - if ! command -v jq &> /dev/null; then |
134 | | - PATH="$(nix build --print-out-paths 'nixpkgs#jq^bin')/bin:$PATH" |
135 | | - export PATH |
136 | | - fi |
137 | | -
|
138 | | - ls */matrix-pre.json |
139 | | - matrix="$(cat */matrix-pre.json | jq -cr '.include[]' | jq '[ select (.isCached == false) ]' | jq -s 'add' | jq -c '. | {include: .}')" |
140 | | -
|
141 | | - if [[ "$matrix" == '' ]] || [[ "$matrix" == '{}' ]] || [[ "$matrix" == '{"include":null}' ]] || [[ "$matrix" == '{"include":[]}' ]]; then |
142 | | - matrix='{"include":[]}' |
143 | | - fi |
144 | | -
|
145 | | - echo "---" |
146 | | - echo "Matrix:" |
147 | | - echo "$matrix" | jq |
148 | | - echo "---" |
149 | | - echo |
150 | | - echo |
151 | | -
|
152 | | - fullMatrix="$(cat */matrix-pre.json | jq -cr '.include' | jq -s 'add' | jq -c '. | {include: .}')" |
153 | | -
|
154 | | - echo "---" |
155 | | - echo "Full Matrix:" |
156 | | - echo "$fullMatrix" | jq |
157 | | - echo "---" |
158 | | -
|
159 | | - echo "matrix=$matrix" >> $GITHUB_OUTPUT |
160 | | - echo "fullMatrix=$fullMatrix" >> $GITHUB_OUTPUT |
161 | | -
|
162 | | - id: matrix |
163 | | - - name: Post Comment |
164 | | - id: print-matrix |
165 | | - uses: metacraft-labs/nixos-modules/.github/print-matrix@main |
166 | | - with: |
167 | | - is-initial: 'true' |
168 | | - cachix-cache: ${{ vars.CACHIX_CACHE }} |
169 | | - cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} |
170 | | - trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} |
171 | | - substituters: ${{ vars.SUBSTITUTERS }} |
172 | | - precalc_matrix: ${{ steps.matrix.outputs.fullMatrix }} |
173 | | - pr-comment-github-token: ${{ secrets.GITHUB_TOKEN }} |
174 | | - nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} |
175 | | - |
176 | | - build: |
177 | | - needs: slurp-matrix |
178 | | - if: needs.slurp-matrix.outputs.matrix != '{"include":[]}' |
179 | | - |
180 | | - strategy: |
181 | | - fail-fast: false |
182 | | - matrix: ${{fromJSON( needs.slurp-matrix.outputs.matrix )}} |
183 | | - |
184 | | - name: ${{ matrix.name }} | ${{ matrix.system }} |
185 | | - runs-on: ${{ matrix.os }} |
186 | | - continue-on-error: ${{ matrix.allowedToFail }} |
187 | | - |
188 | | - steps: |
189 | | - - uses: actions/checkout@v4 |
190 | | - |
191 | | - - name: Install Nix |
192 | | - uses: metacraft-labs/nixos-modules/.github/install-nix@main |
193 | | - with: |
194 | | - cachix-cache: ${{ vars.CACHIX_CACHE }} |
195 | | - cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} |
196 | | - trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} |
197 | | - substituters: ${{ vars.SUBSTITUTERS }} |
198 | | - nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} |
199 | | - |
200 | | - - name: Build ${{ matrix.name }} |
201 | | - run: | |
202 | | - nix build -L --no-link --keep-going --show-trace \ |
203 | | - '.#${{ matrix.attrPath }}' |
204 | | -
|
205 | | - - name: Push to Cachix ${{ matrix.name }} |
206 | | - run: | |
207 | | - cachix push ${{ vars.CACHIX_CACHE }} ${{ matrix.output }} |
208 | | -
|
209 | | - results: |
210 | | - runs-on: self-hosted |
211 | | - name: Final Results |
212 | | - needs: [build, slurp-matrix] |
213 | | - if: always() |
214 | | - steps: |
215 | | - - name: Post Comment |
216 | | - uses: metacraft-labs/nixos-modules/.github/print-matrix@main |
217 | | - with: |
218 | | - is-initial: 'false' |
219 | | - cachix-cache: ${{ vars.CACHIX_CACHE }} |
220 | | - cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }} |
221 | | - trusted-public-keys: ${{ vars.TRUSTED_PUBLIC_KEYS }} |
222 | | - substituters: ${{ vars.SUBSTITUTERS }} |
223 | | - precalc_matrix: ${{ needs.slurp-matrix.outputs.fullMatrix }} |
224 | | - pr-comment-github-token: ${{ secrets.GITHUB_TOKEN }} |
225 | | - nix-github-token: ${{ secrets.NIX_GITHUB_TOKEN }} |
226 | | - |
227 | | - - run: exit 1 |
228 | | - if: >- |
229 | | - needs.slurp-matrix.outputs.matrix != '{"include":[]}' |
230 | | - && contains(needs.*.result, 'failure') |
231 | | - || contains(needs.*.result, 'cancelled') |
232 | | -
|
233 | | - - uses: actions/checkout@v4 |
234 | | - if: inputs.do_deploy |
235 | | - |
236 | | - - name: Deploy |
237 | | - if: inputs.do_deploy |
238 | | - env: |
239 | | - CACHIX_CACHE: ${{ vars.CACHIX_CACHE }} |
240 | | - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} |
241 | | - CACHIX_ACTIVATE_TOKEN: '${{ secrets.CACHIX_ACTIVATE_TOKEN }}' |
242 | | - MCL_BRANCH: ${{ github.repository == 'metacraft-labs/nixos-modules' && github.sha || 'main' }} |
243 | | - run: nix run --accept-flake-config github:metacraft-labs/nixos-modules/${{ env.MCL_BRANCH }}#mcl deploy_spec |
| 19 | + ci: |
| 20 | + uses: metacraft-labs/nixos-modules/.github/workflows/flake-checks-ci-matrix.yml@main |
| 21 | + secrets: inherit |
| 22 | + with: |
| 23 | + runner: '["self-hosted", "Linux", "x86-64-v2"]' |
| 24 | + run-cachix-deploy: false |
0 commit comments