
chores: use custom github runners #3563

Workflow file for this run

# Workflow header: triggers, token permissions and run de-duplication.
name: Nix CI

on:
  # Pushes to the integration branch and to any release/* branch.
  push:
    branches:
      - develop
      - 'release/*'
  # Every pull request, plus manual runs from the Actions UI.
  pull_request:
  workflow_dispatch:

# Declared at workflow level, so every job below receives this token scope
# unless it declares its own `permissions` block.
# NOTE(review): these are write scopes on a workflow that also runs on
# pull_request; consider moving each scope to the job that needs it and
# leaving the workflow default read-only - confirm what test.yml requires.
permissions:
  # Lets a job request a GitHub OIDC token (used by the AWS role steps).
  id-token: write
  # required by dependent workflows
  contents: write
  packages: write

# One concurrency group per workflow + PR number (or ref when the event has
# no PR). Superseded runs are cancelled for pull_request events only.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
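jobs:
  # Evaluates the flake once and publishes the build matrix as a job output.
  # NOTE(review): on pull_request this evaluates the checked-out PR tree on a
  # self-hosted runner while holding the workflow-level write token. A job-level
  # `permissions: contents: read` looks sufficient for these steps - confirm.
  nix-matrix:
    runs-on:
      group: self-hosted-runners-nix
      labels:
        - aarch64-darwin
    outputs:
      matrix: ${{ steps.set-matrix.outputs.matrix }}
    steps:
      # NOTE(review): tag refs are mutable; pinning to a full commit SHA makes
      # the executed action content auditable.
      - name: Checkout Repo
        uses: actions/checkout@v4
      - id: set-matrix
        name: Generate Nix Matrix
        run: |
          set -Eeu
          # fast eval
          nix-eval-jobs --flake '.#githubActions.matrix'
          # capture the output
          matrix="$(nix eval --json '.#githubActions.matrix')"
          echo "###################################################################"
          # Quoted so the JSON is printed verbatim (no word splitting/globbing).
          echo "$matrix"
          echo "###################################################################"
          echo "matrix=$matrix" >> "$GITHUB_OUTPUT"

  # One job per matrix entry: obtains AWS credentials via OIDC, writes them to
  # the Nix credentials file, then builds the entry with nix-fast-build.
  build-run-image:
    name: ${{ matrix.name }} (${{ matrix.system }})
    needs: nix-matrix
    runs-on:
      # NOTE(review): in Actions expressions '' is falsy, so `cond && '' || x`
      # always evaluates to x. As written the group is always
      # 'self-hosted-runners-nix', including for the blacksmith label - confirm
      # the intended routing for 'blacksmith-32vcpu-ubuntu-2404'.
      group: ${{ matrix.os == 'blacksmith-32vcpu-ubuntu-2404' && '' || 'self-hosted-runners-nix' }}
      labels:
        - ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix: ${{fromJSON(needs.nix-matrix.outputs.matrix)}}
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
      # NOTE(review): the page shows this ref as "aws-actions/[email protected]"
      # (e-mail obfuscation ate the action name and version). The inputs match
      # aws-actions/configure-aws-credentials; restore the real ref from the
      # repository, ideally as a full commit SHA.
      - name: aws-oidc
        uses: aws-actions/configure-aws-credentials@<REF-LOST-IN-PAGE-EXTRACTION>
        with:
          aws-region: us-east-2
          role-to-assume: arn:aws:iam::279559813984:role/supabase-github-oidc-role # Shared Services
          role-session-name: gha-oidc-${{ github.run_id }}
      # Second hop: chains from the role above into the deploy role.
      - name: aws-creds
        uses: aws-actions/configure-aws-credentials@<REF-LOST-IN-PAGE-EXTRACTION>
        with:
          disable-retry: true
          aws-region: us-east-2
          role-to-assume: arn:aws:iam::436098097459:role/nix-artifacts-deploy-role # supabase-dev
          role-session-name: gha-oidc-${{ github.run_id }}
          role-chaining: true
          role-skip-session-tagging: true
          role-duration-seconds: 900 # TODO: switch to 18000 (5 hours)
      # umask 006 makes a newly created file 0660; an existing file keeps its
      # current mode.
      # NOTE(review): nothing in this job removes the file afterwards, so the
      # session credentials stay on the self-hosted runner until they expire
      # (900 s today, 5 h per the TODO above). Consider an `if: always()`
      # cleanup step, or confirm the runner is ephemeral / not shared.
      - name: Write creds files
        run: |
          umask 006
          cat > /etc/nix/aws/nix-aws-credentials <<EOF
          [ci-uploader]
          aws_access_key_id = ${AWS_ACCESS_KEY_ID}
          aws_secret_access_key = ${AWS_SECRET_ACCESS_KEY}
          aws_session_token = ${AWS_SESSION_TOKEN}
          EOF
      - name: nix-fast-build
        env:
          # The matrix is produced by evaluating the checked-out tree, so the
          # attr is passed as data through the environment instead of being
          # pasted into the script text by ${{ }} expansion.
          MATRIX_ATTR: ${{ matrix.attr }}
        run: |
          # NOTE(review): env.system and env.flake are not defined anywhere in
          # this file; unless something exports them via GITHUB_ENV they
          # expand to empty strings here - confirm.
          # NOTE(review): accept-flake-config=true applies the flake's own
          # nixConfig, which on pull_request comes from the PR tree - confirm
          # this is intended on these runners.
          declare -a args=(
            '--no-nom'
            '--skip-cached'
            '--systems=${{ env.system }}'
            '--option' 'accept-flake-config' 'true'
            '--retries=3'
          )
          args+=('--flake=${{ env.flake }}#'"${MATRIX_ATTR}")
          # Quoted expansion keeps every element a single argument.
          nix-fast-build "${args[@]}"

  # Calls the repository's reusable test workflow once all builds succeeded.
  # A called workflow can be granted at most the caller's token permissions.
  run-tests:
    needs: build-run-image
    if: ${{ success() }}
    uses: ./.github/workflows/test.yml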