better compose overlay + add aarch64 support (#53)

* better compose overlay + add aarch64 support * ci: update workflows
author: seth <[email protected]> 2024-04-27 04:40:29 +0000
committer: GitHub <[email protected]> 2024-04-27 00:40:29 -0400
commit: a0a9cb51e35e915dbcc1d7bda430f45c4353c8ff (patch)
tree: 53041599823eddafbf464f1ddb5fcc0a95f63324 /.github/workflows
parent: fbc60151f13d4529bea400f55c698dc1468eec46 (diff)
2 files changed, 83 insertions, 31 deletions
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 2d1132d..30226ff 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -1,55 +1,65 @@
-name: ci
+name: CI
 
 on:
   push:
+    branches: [main]
   pull_request:
   workflow_dispatch:
 
-permissions:
-  packages: write
-
 jobs:
   build:
+    name: Build
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
-      - uses: cachix/install-nix-action@v26
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Nix
+        uses: cachix/install-nix-action@v26
+
+      - name: Setup Nix cache
+        uses: DeterminateSystems/magic-nix-cache-action@v4
 
       - run: |
-          nix build .#workerd-docker
-          readlink result | xargs -I {} cp {} workerd.tar.gz
+          nix build .#container-x86_64
+          readlink -f result | xargs -I {} cp {} workerd.tar.gz
 
-      - name: upload docker image
+      - name: Upload container image
         uses: actions/upload-artifact@v4
         with:
           name: container
           path: workerd.tar.gz
 
-  upload-to-docker:
+  push:
+    name: Push to registry
+
     runs-on: ubuntu-latest
+
     needs: build
-    if: github.ref == 'refs/heads/main'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+
+    permissions:
+       packages: write
 
     env:
       REGISTRY: ghcr.io
 
     steps:
-      - name: download docker image
+      - name: Download container image
         uses: actions/download-artifact@v4
         with:
           name: container
 
-      - name: login to ${{ env.REGISTRY }}
+      - name: Login to ${{ env.REGISTRY }}
         uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: "getchoo"
           password: ${{ github.token }}
 
-      - name: upload to ${{ env.REGISTRY }}
+      - name: Upload to ${{ env.REGISTRY }}
         run: |
           docker load < workerd.tar.gz
-          docker tag workerd:latest ${{ env.REGISTRY }}/getchoo/workerd:latest
-          docker push ${{ env.REGISTRY }}/getchoo/workerd:latest
+          docker tag workerd:latest "$REGISTRY"/getchoo/workerd:latest
+          docker push "$REGISTRY"/getchoo/workerd:latest
diff --git a/.github/workflows/update-flake.yaml b/.github/workflows/update-flake.yaml
index 7f5fc6b..dd290f9 100644
--- a/.github/workflows/update-flake.yaml
+++ b/.github/workflows/update-flake.yaml
@@ -1,24 +1,66 @@
-name: update flake inputs
+name: Update lockfiles
 
 on:
   schedule:
+    # run every saturday
     - cron: "0 0 * * 6"
   workflow_dispatch:
 
-permissions:
-  contents: write
-  pull-requests: write
-
 jobs:
-  update-flake:
+  update:
+    name: Run update
     runs-on: ubuntu-latest
 
+    permissions:
+      contents: write
+      pull-requests: write
+
+    env:
+      PR_BRANCH: "update-lockfiles"
+
     steps:
-      - uses: actions/checkout@v4
-      - uses: cachix/install-nix-action@v26
-      - uses: DeterminateSystems/magic-nix-cache-action@main
-
-      - uses: DeterminateSystems/update-flake-lock@v21
-        with:
-          commit-msg: "deps(flake): update inputs"
-          pr-title: "deps(flake): update inputs"
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Nix
+        uses: cachix/install-nix-action@v26
+
+      - name: Set Git user info
+        run: |
+          git config user.name 'github-actions[bot]'
+          git config user.email 'github-actions[bot]@users.noreply.github.com'
+
+      - name: Create new branch
+        id: branch
+        run: |
+          git switch -c "$PR_BRANCH"
+
+      - name: Update flake inputs
+        run: |
+          nix flake update \
+            --commit-lock-file \
+            --commit-lockfile-summary "nix: update flake.lock"
+
+      - name: Make PR if needed
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          if ! git diff --color=always --exit-code origin/main; then
+            git fetch origin "$PR_BRANCH" || true
+            git push --force-with-lease -u origin "$PR_BRANCH"
+
+            open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
+            if [ "$open_prs" -eq 0 ]; then
+              gh pr create \
+                --base main \
+                --head "$PR_BRANCH" \
+                --title "nix: update flake.lock" \
+                --fill
+            fi
+          fi
+
+      - name: Enable auto-merge
+        shell: bash
+        run: gh pr merge --auto --squash
+        env:
+          GH_TOKEN: ${{ github.token }}
author	seth <[email protected]>	2024-04-27 04:40:29 +0000
committer	GitHub <[email protected]>	2024-04-27 00:40:29 -0400
commit	a0a9cb51e35e915dbcc1d7bda430f45c4353c8ff (patch)
tree	53041599823eddafbf464f1ddb5fcc0a95f63324 /.github/workflows
parent	fbc60151f13d4529bea400f55c698dc1468eec46 (diff)