diff options
| author | Seth Flynn <[email protected]> | 2025-02-10 15:58:39 -0500 |
|---|---|---|
| committer | Seth Flynn <[email protected]> | 2025-02-10 20:26:23 -0500 |
| commit | dd618800566a51365411683f9a4c789923cdc874 (patch) | |
| tree | 88aa89284542c265a564a81a3e7bdffc7ac27916 | |
| parent | cd21ca8e9894f7d8dbe7628952c6345174c3eb15 (diff) | |
flake: use checks for CI
| -rw-r--r-- | .github/workflows/ci.yaml | 21 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | flake.nix | 1 | ||||
| -rw-r--r-- | flake/ci.nix | 142 | ||||
| -rw-r--r-- | lib/default.nix | 80 |
5 files changed, 156 insertions, 92 deletions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index cd6cee7..e9bddd9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -22,9 +22,6 @@ jobs: runs-on: ${{ matrix.os }} - env: - SYSTEM: ${{ matrix.system }} - steps: # https://github.com/actions/runner-images/issues/2840#issuecomment-790492173 - name: Clear disk space @@ -48,24 +45,22 @@ jobs: name: getchoo authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Run build + - name: Run checks run: | - nix run --inputs-from . \ - github:Mic92/nix-fast-build -- \ - --no-nom \ - --skip-cached \ - --option allow-import-from-derivation false \ - --flake ".#hydraJobs.$SYSTEM" + nix flake check \ + --print-build-logs \ + --show-trace build-gate: name: Build gate if: ${{ always() }} - needs: build + needs: [ build ] runs-on: ubuntu-latest steps: - name: Exit with error - if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') - run: exit 1 + if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + run: | + exit 1 @@ -18,6 +18,10 @@ greasy taco i love Pieces meant for maintaining this flake +## lib/ + +Small functions I like to use around here + ## modules/ Sets of modules meant for NixOS and @@ -22,6 +22,7 @@ inputs.getchpkgs.flakeModules.configurations ./flake + ./lib ./modules ./openwrt ./systems diff --git a/flake/ci.nix b/flake/ci.nix index 30cbd06..79c3828 100644 --- a/flake/ci.nix +++ b/flake/ci.nix @@ -1,97 +1,81 @@ -{ - config, - lib, - withSystem, - self, - ... -}: +{ self, ... }: { perSystem = - { config, pkgs, ... }: - { - quickChecks = { - actionlint = { - dependencies = [ pkgs.actionlint ]; - script = "actionlint ${self}/.github/workflows/**"; - }; - - deadnix = { - dependencies = [ pkgs.deadnix ]; - script = "deadnix --fail ${self}"; - }; - - hclfmt = { - dependencies = [ pkgs.hclfmt ]; - script = "hclfmt -require-no-change ${self}/terraform/*.tf"; - }; + config, + lib, + pkgs, + self', + system, + ... + }: - just = { - dependencies = [ pkgs.just ]; - script = '' - cd ${self} - just --check --fmt --unstable - just --summary - ''; - }; + let + collectNestedDerivations = self.lib.collectNestedDerivationsFor system; + in - nixfmt = { - dependencies = [ pkgs.nixfmt-rfc-style ]; - script = "nixfmt --check ${self}/**/*.nix"; + lib.mkMerge [ + { + checks = collectNestedDerivations { + inherit (self) + nixosConfigurations + homeConfigurations + darwinConfigurations + ; }; - statix = { - dependencies = [ pkgs.statix ]; - script = "statix check ${self}"; + legacyPackages = { + tflint = config.quickChecks.tflint.package; }; + } - tflint = { - dependencies = [ pkgs.tflint ]; - script = '' - tflint --chdir=${self}/terraform --format=sarif |& tee $out || true - ''; - }; - }; + # I don't really care to run these on other systems + (lib.mkIf (system == "x86_64-linux") { + checks = collectNestedDerivations { inherit (self') devShells; }; - legacyPackages = { - tflint = config.quickChecks.tflint.package; - }; - }; + quickChecks = { + actionlint = { + dependencies = [ pkgs.actionlint ]; + script = "actionlint ${self}/.github/workflows/**"; + }; - flake.hydraJobs = + deadnix = { + dependencies = [ pkgs.deadnix ]; + script = "deadnix --fail ${self}"; + }; - let - # Architecture of "main" CI machine - ciSystem = "x86_64-linux"; + hclfmt = { + dependencies = [ pkgs.hclfmt ]; + script = "hclfmt -require-no-change ${self}/terraform/*.tf"; + }; - derivFromCfg = deriv: deriv.config.system.build.toplevel or deriv.activationPackage; - mapCfgsToDerivs = lib.mapAttrs (lib.const derivFromCfg); - in + just = { + dependencies = [ pkgs.just ]; + script = '' + cd ${self} + just --check --fmt --unstable + just --summary + ''; + }; - lib.genAttrs config.systems ( - lib.flip withSystem ( - { - system, - self', - ... - }: + nixfmt = { + dependencies = [ pkgs.nixfmt-rfc-style ]; + script = "nixfmt --check ${self}/**/*.nix"; + }; - let - mapCfgsForSystem = - cfgs: lib.filterAttrs (lib.const (deriv: deriv.system == system)) (mapCfgsToDerivs cfgs); - in + statix = { + dependencies = [ pkgs.statix ]; + script = "statix check ${self}"; + }; - { - darwinConfigurations = mapCfgsForSystem self.darwinConfigurations; - homeConfigurations = mapCfgsForSystem self.homeConfigurations; - nixosConfigurations = mapCfgsForSystem self.nixosConfigurations; - } - # I don't care to run these for each system, as they should be the same - # and don't need to be cached - // lib.optionalAttrs (system == ciSystem) { - inherit (self') checks devShells; - } - ) - ); + tflint = { + dependencies = [ pkgs.tflint ]; + script = '' + tflint --chdir=${self}/terraform --format=sarif |& tee $out || true + ''; + }; + }; + }) + ]; } diff --git a/lib/default.nix b/lib/default.nix new file mode 100644 index 0000000..0d36185 --- /dev/null +++ b/lib/default.nix @@ -0,0 +1,80 @@ +{ config, lib, ... }: + +let + self = config.flake.lib; +in + +{ + + flake.lib = { + /** + Get the derivation attribute of a configuration if needed + + # Type + + ``` + derivationFrom :: AttrSet -> Derivation + ``` + + # Arguments + + - [set] A system/home configuration or regular derivation + */ + derivationFrom = + deriv: + if lib.isDerivation deriv then + deriv + else + deriv.config.system.build.toplevel or deriv.activationPackage; + + /** + Check if a derivation or configuration is compatible with the current system + + # Type + + ``` + isCompatible :: String -> Derivation -> Bool + ``` + + # Arguments + + - [system] System to check against + - [derivation] Derivation to check + */ + isCompatibleWith = system: deriv: (deriv.pkgs or deriv).stdenv.hostPlatform.system == system; + + /** + Flatten nested derivations from an attribute set + + Mainly for use with making Flake outputs work in `checks` + + # Example + + ```nix + collectNestedDerivations { nixosConfigurations = { my-machine = { }; }; } + => { nixosConfigurations-my-machine = { }; } + + # Type + + ``` + collectNestedDerivations :: String -> AttrSet -> AttrSet + ``` + + # Arguments + + - [system] System to collect derivations for + - [set] Set of (single-level) nested derivations + */ + collectNestedDerivationsFor = + system: + + lib.foldlAttrs ( + acc: attrType: values: + + acc + // lib.mapAttrs' ( + attrName: value: lib.nameValuePair "${attrType}-${attrName}" (self.derivationFrom value) + ) (lib.filterAttrs (lib.const (self.isCompatibleWith system)) values) + ) { }; + }; +} |