1+ name : Nix CI
2+ " on "
3+ pull_request :
4+ push :
5+ branches : [master]
6+ schedule :
7+ - cron : 0 0 * * *
8+ workflow_dispatch : {}
9+
10+ env :
11+ nix_conf : access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
12+ substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://cache.iog.io
13+ trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
14+
115jobs :
216 test :
317 name : Test extensions
4- permissions :
18+ permissions :
519 actions : write
6- runs-on :
7- - ubuntu-24.04
8- - ubuntu-24.04-arm
9- - macos-13
10- - macos-15
20+ strategy :
21+ matrix :
22+ os :
23+ - ubuntu-24.04
24+ - ubuntu-24.04-arm
25+ - macos-13
26+ - macos-15
27+ runs-on : ${{ matrix.os }}
28+ continue-on-error : true
1129 steps :
1230 - name : Checkout this repo
1331 uses : actions/checkout@v4
1432 - name : Install Nix
1533 uses : nixbuild/nix-quick-install-action@v30
1634 with :
17- nix_conf : |
18- access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
19- substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://cache.iog.io
20- trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
21- name : Restore and cache Nix store
22- uses : nix-community/cache-nix-action@v6
35+ nix_conf : ${{ env.nix_conf }}
36+ - uses : nix-community/cache-nix-action/restore@v6
37+ with :
38+ primary-key : nix-test-${{ runner.os }}-${{ runner.arch }}-${{ hashfiles('**/flake.nix', '**/flake.lock', '**/*.nix') }}
39+ restore-prefixes-first-match : nix-test-${{ runner.os }}-${{ runner.arch }}-
40+ - name : Build VS Codium with extensions
41+ run : nix build
42+ - name : Check flake
43+ run : nix flake check
44+ - uses : nix-community/cache-nix-action/save@v6
45+ if : always()
2346 with :
24- primary-key : nix-test-${{ hashfiles('**/flake.nix', '**/flake.lock', '**/*.nix') }}
25- restore-prefixes-first-match : nix-test-
47+ primary-key : nix-test-${{ runner.os }}-${{ runner.arch }}-${{ hashfiles('**/flake.nix', '**/flake.lock', '**/*.nix') }}
2648 gc-max-store-size-linux : 7500000000
2749 purge : true
28- purge-prefixes : nix-test-
50+ purge-prefixes : nix-test-${{ runner.os }}-${{ runner.arch }}-
2951 purge-created : 0
3052 purge-primary-key : never
31- - name : Build VS Codium with extensions
32- run : nix build
33- - name : Run checks
34- run : nix flake check
3553
36- nixCI :
37- name : Nix CI
54+ update :
55+ name : Update data and flakes
56+ needs : test
3857 permissions :
3958 actions : write
4059 contents : write
4160 pull-requests : write
4261 runs-on : ubuntu-latest
43- env :
44- branch_is_not_master : ${{ github.ref_name != 'master' }}
62+ if : github.ref_name == 'master'
4563 steps :
4664 - name : Checkout this repo
4765 uses : actions/checkout@v4
4866 - name : Install Nix
49- uses : nixbuild/nix-quick-install-action@v27
67+ uses : nixbuild/nix-quick-install-action@v30
5068 with :
51- nix_conf : |
52- access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
53- substituters = https://cache.nixos.org/ https://nix-community.cachix.org https://cache.iog.io
54- trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=
55- name : Restore and cache Nix store
56- uses : nix-community/cache-nix-action@v6
69+ nix_conf : ${{ env.nix_conf }}
70+ - uses : nix-community/cache-nix-action/restore@v6
5771 with :
58- primary-key : nix-update-${{ hashfiles('**/flake.nix', '**/flake. lock', 'haskell/**/* ') }}
72+ primary-key : nix-update-${{ hashfiles('{.,nix-dev}/*.{nix, lock} ', 'haskell') }}
5973 restore-prefixes-first-match : nix-update-
60- gc-max-store-size-linux : 7500000000
61- purge : true
62- purge-prefixes : nix-update-
63- purge-created : 0
64- purge-primary-key : never
65- - name : Remove old cache profiles
66- run : rm -rf /nix/var/nix/profiles/cache
6774 - name : Configure git
68- if : always() && env.branch_is_not_master && runner.os == 'Linux'
6975 env :
7076 # required for gh
7177 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
7278 run : |
73- ${{ github.head_ref && format('gh pr checkout {0}', github.event.pull_request.number) || ''}}
74-
7579 git config --global user.email "github-actions[bot]@users.noreply.github.com"
7680 git config --global user.name "github-actions[bot]"
7781name : Pull latest changes
7882 run : git pull --rebase --autostash
7983 - name : Update flake locks
80- run : |-
81- nix profile install nix-dev/#updateLocks
82- nix run nix-dev/#updateLocks
84+ run : |
85+ (cd nix-dev; nix flake update)
86+ (cd template; nix flake update)
8387name : Format Nix files
84- run : |-
85- nix profile install nix-dev/#format
86- nix run nix-dev/#format
88+ run : nix fmt
8789 - name : Update extensions
88- run : |-
89- nix profile install nix-dev/#updateExtensions
90- nix run nix-dev/#updateExtensions -- --config .github/config.yaml
90+ run : nix run nix-dev/#updateExtensions -- --config .github/config.yaml
9191 - name : Update extra extensions
92- run : |-
93- nix profile install nix-dev/#updateExtraExtensions
94- nix run nix-dev/#updateExtraExtensions
92+ run : nix run nix-dev/#updateExtraExtensions
9593 - name : Commit and push changes
9694 run : |-
9795 git pull --rebase --autostash
@@ -106,19 +104,50 @@ jobs:
106104 || echo "commit failed!"
107105
108106 git push
107+ uses : nix-community/cache-nix-action/save@v6
108+ if : always()
109+ with :
110+ primary-key : nix-update-${{ hashfiles('{.,nix-dev}/*.{nix,lock}', 'haskell') }}
111+ gc-max-store-size-linux : 7500000000
112+ purge : true
113+ purge-prefixes : nix-update-
114+ purge-created : 0
115+ purge-primary-key : never
116+
117+ test-template :
118+ name : Test template works
119+ needs : update
120+ permissions :
121+ actions : write
122+ strategy :
123+ matrix :
124+ os :
125+ - ubuntu-24.04
126+ - ubuntu-24.04-arm
127+ - macos-13
128+ - macos-15
129+ runs-on : ${{ matrix.os }}
130+ continue-on-error : true
131+ steps :
132+ - name : Checkout this repo
133+ uses : actions/checkout@v4
134+ - name : Install Nix
135+ uses : nixbuild/nix-quick-install-action@v30
136+ with :
137+ nix_conf : ${{env.nix_conf}}
138+ - name : Restore and cache Nix store
139+ uses : nix-community/cache-nix-action/restore@v6
140+ with :
141+ primary-key : nix-template-${{ runner.os }}-${{ runner.arch }}-${{ hashfiles('template/flake.nix', 'template/flake.lock') }}
142+ - name : Pull latest changes
143+ run : git pull --rebase --autostash
109144 - name : Check template VSCodium
110- run : |
111- nix profile install template/
112- nix run template/ -- --list-extensions
113- name : Save flakes
114- run : |-
115- nix profile install nix-dev/#saveFlakes
116- nix run nix-dev/#saveFlakes
117- name : Nix CI
118- " on "
119- pull_request :
120- push :
121- branches : [master]
122- schedule :
123- - cron : 0 0 * * *
124- workflow_dispatch : {}
145+ run : nix develop template/# -c code --list-extensions
146+ - uses : nix-community/cache-nix-action/save@v6
147+ if : always()
148+ with :
149+ primary-key : nix-template-${{ runner.os }}-${{ runner.arch }}-${{ hashfiles('template/flake.nix', 'template/flake.lock') }}
150+ purge : true
151+ purge-prefixes : nix-template-${{ runner.os }}-${{ runner.arch }}-
152+ purge-created : 0
153+ purge-primary-key : never
0 commit comments