diff options
| author | seth <[email protected]> | 2023-11-10 21:54:11 -0500 |
|---|---|---|
| committer | seth <[email protected]> | 2023-11-11 03:03:27 +0000 |
| commit | a786eb5e33562c6fea7997ed7b04075f967615d0 (patch) | |
| tree | b8c74a34f937824fa75779207cd667de57096865 | |
| parent | 085a813c95d620a133b8a0c5e2d29e1aa9240736 (diff) | |
ci: add deploy workflow
| -rw-r--r-- | .github/workflows/ci.yaml | 21 | ||||
| -rw-r--r-- | .github/workflows/deploy.yaml | 41 |
2 files changed, 51 insertions, 11 deletions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c65186f..144e259 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,10 +1,12 @@ name: CI on: - push: - branches: [main] pull_request: workflow_dispatch: + workflow_call: + secrets: + CACHIX_AUTH_TOKEN: + required: false jobs: eval: @@ -20,17 +22,16 @@ jobs: uses: nixbuild/nix-quick-install-action@v26 - name: setup cachix - uses: cachix/cachix-action@master + uses: cachix/cachix-action@v12 with: name: getchoo authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - skipAddingSubstituter: 'true' - name: generate matrix id: generate run: | set -Eeu - echo "matrix=$(nix eval --accept-flake-config --show-trace --json .#githubWorkflow.matrix)" >> "$GITHUB_OUTPUT" + echo "matrix=$(nix eval --show-trace --json .#githubWorkflow.matrix)" >> "$GITHUB_OUTPUT" build: needs: eval @@ -63,14 +64,13 @@ jobs: extra-conf: "extra-platforms = aarch64-linux arm-linux" - name: setup cachix - uses: cachix/cachix-action@master + uses: cachix/cachix-action@v12 with: name: getchoo authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - skipAddingSubstituter: 'true' - name: build ${{ matrix.attr }} - run: nix build -L --accept-flake-config --fallback .#${{ matrix.attr }} + run: nix build -L --fallback .#${{ matrix.attr }} check: strategy: @@ -87,14 +87,13 @@ jobs: uses: DeterminateSystems/nix-installer-action@v7 - name: setup cachix - uses: cachix/cachix-action@master + uses: cachix/cachix-action@v12 with: name: getchoo authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - skipAddingSubstituter: 'true' - name: run check - run: nix flake check --accept-flake-config --show-trace + run: nix flake check --show-trace # https://github.com/orgs/community/discussions/26822#discussioncomment-3305794 gate: diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml new file mode 100644 index 0000000..1d2c3bd --- /dev/null +++ b/.github/workflows/deploy.yaml @@ -0,0 +1,41 @@ +name: deploy systems + +on: + push: + branches: [main] + workflow_dispatch: + +jobs: + ci: + uses: ${{ github.repository }}/.github/workflows/ci.yaml@main + with: + secrets: inherit + + deploy: + needs: ci + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: install nix + uses: nixbuild/nix-quick-install-action@v26 + + - name: setup cachix + uses: cachix/cachix-action@v12 + with: + name: getchoo + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + + - name: connect to tailscale + uses: tailscale/github-action@v2 + with: + oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} + oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} + tags: tag:gha + + - name: enter dev shell + run: nix develop + + - name: deploy all systems + run: just da |