ci: back to garnix once again

i kinda miss hci but im done switching until i get infra for it
author: seth <[email protected]> 2023-12-16 12:12:20 -0500
committer: seth <[email protected]> 2023-12-16 13:09:49 -0500
commit: 0ed2febd06cbf1d4e0af957e2981296ea1b373ab (patch)
tree: c8a39869da8aad241c10571793eb33f516672319 /.github/workflows
parent: c648beab27adbbf2bfd8bafad56ae54bb3e1b195 (diff)
2 files changed, 10 insertions, 138 deletions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
deleted file mode 100644
index 60e2dec..0000000
--- a/.github/workflows/ci.yaml
+++ /dev/null
@@ -1,123 +0,0 @@
-name: CI
-
-on:
-  pull_request:
-  workflow_call:
-    secrets:
-      ATTIC_TOKEN:
-        required: true
-  workflow_dispatch:
-
-jobs:
-  eval:
-    name: Evaluate flake
-    runs-on: ubuntu-latest
-
-    outputs:
-      matrix: ${{ steps.evaluate.outputs.matrix }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v9
-
-      - name: Evaluate matrix
-        id: evaluate
-        run: |
-          set -eu
-          echo "matrix=$(nix eval --show-trace --json .#githubWorkflow.matrix)" >> "$GITHUB_OUTPUT"
-
-  build:
-    needs: eval
-
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJSON(needs.eval.outputs.matrix) }}
-
-    name: Build (${{ matrix.attr }})
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup QEMU
-        if: matrix.arch == 'aarch64'
-        uses: docker/setup-qemu-action@v3
-        with:
-          platforms: "arm64"
-
-      - name: Install Nix
-        if: matrix.arch != 'aarch64'
-        uses: DeterminateSystems/nix-installer-action@v9
-
-      - name: Install Nix (with aarch64)
-        if: matrix.arch == 'aarch64'
-        uses: DeterminateSystems/nix-installer-action@v9
-        with:
-          extra-conf: "extra-platforms = aarch64-linux arm-linux"
-
-      - name: Setup local Nix cache
-        uses: DeterminateSystems/magic-nix-cache-action@v2
-
-      - name: Setup Attic cache
-        if: github.event_name != 'pull_request'
-        uses: ryanccn/attic-action@v0
-        with:
-          endpoint: https://cache.mydadleft.me
-          cache: flake
-          token: ${{ secrets.ATTIC_TOKEN }}
-
-      - name: Run build
-        run: |
-          nix build -L --accept-flake-config .#${{ matrix.attr }}
-
-  check:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-latest, macos-latest]
-
-    name: Check flake (${{ matrix.os }})
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v9
-
-      - name: Setup local Nix cache
-        uses: DeterminateSystems/magic-nix-cache-action@v2
-
-      - name: Setup Attic cache
-        if: github.event_name != 'pull_request'
-        uses: ryanccn/attic-action@v0
-        with:
-          endpoint: https://cache.mydadleft.me
-          cache: flake
-          token: ${{ secrets.ATTIC_TOKEN }}
-
-      - name: Run check
-        run: nix flake check --show-trace --accept-flake-config
-
-  # https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
-  gate:
-    needs: [build, check]
-
-    name: CI Gate
-    runs-on: ubuntu-latest
-
-    if: always()
-
-    steps:
-      - name: Exit with result
-        run: |
-          build_result="${{ needs.build.result }}"
-          check_result="${{ needs.check.result }}"
-
-          results=("$build_result" "$check_result")
-
-          for result in "${results[@]}"; do [ "$result" != "success" ] && exit 1; done
-
-          exit 0
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index 0311f3f..be6f850 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -1,22 +1,21 @@
 name: Deploy infrastructure
 
 on:
-  push:
-    branches: [main]
+  check_suite:
+    types: [completed]
   workflow_dispatch:
 
 jobs:
-  ci:
-    name: CI
-    uses: ./.github/workflows/ci.yaml
-    secrets: inherit
-
   nixos:
-    needs: ci
-
     name: Deploy NixOS systems
     runs-on: ubuntu-latest
 
+    # https://github.com/sellout/bash-strict-mode/commit/9bf1d65c2f786a9887facfcb81e06d8b8b5f4667
+    if: github.event.check_suite.app.name == 'Garnix CI'
+      && github.event.check_suite.conclusion == 'success'
+      && github.event.check_suite.latest_check_runs_count >= 12
+      && github.event.check_suite.head_branch == 'main'
+
     concurrency:
       group: deploy
       cancel-in-progress: true
@@ -27,12 +26,8 @@ jobs:
       - name: Install Nix
         uses: DeterminateSystems/nix-installer-action@v9
 
-      - name: Setup Attic cache
-        uses: ryanccn/attic-action@v0
-        with:
-          endpoint: https://cache.mydadleft.me
-          cache: flake
-          token: ${{ secrets.ATTIC_TOKEN }}
+      - name: Setup local Nix cache
+        uses: DeterminateSystems/magic-nix-cache-action@v2
 
       - name: Connect to Tailscale
         uses: tailscale/github-action@v2
author	seth <[email protected]>	2023-12-16 12:12:20 -0500
committer	seth <[email protected]>	2023-12-16 13:09:49 -0500
commit	0ed2febd06cbf1d4e0af957e2981296ea1b373ab (patch)
tree	c8a39869da8aad241c10571793eb33f516672319 /.github/workflows
parent	c648beab27adbbf2bfd8bafad56ae54bb3e1b195 (diff)