2 files changed, 4 insertions, 128 deletions

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
deleted file mode 100644
index 144e259..0000000
--- a/.github/workflows/ci.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
-name: CI
-
-on:
-  pull_request:
-  workflow_dispatch:
-  workflow_call:
-    secrets:
-      CACHIX_AUTH_TOKEN:
-        required: false
-
-jobs:
-  eval:
-    runs-on: ubuntu-latest
-
-    outputs:
-      matrix: ${{ steps.generate.outputs.matrix }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: install nix
-        uses: nixbuild/nix-quick-install-action@v26
-
-      - name: setup cachix
-        uses: cachix/cachix-action@v12
-        with:
-          name: getchoo
-          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
-      - name: generate matrix
-        id: generate
-        run: |
-          set -Eeu
-          echo "matrix=$(nix eval --show-trace --json .#githubWorkflow.matrix)" >> "$GITHUB_OUTPUT"
-
-  build:
-    needs: eval
-
-    strategy:
-      fail-fast: false
-      matrix: ${{ fromJSON(needs.eval.outputs.matrix) }}
-
-    runs-on: ${{ matrix.os }}
-
-    name: build (${{matrix.attr}})
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: setup qemu
-        if: matrix.arch == 'aarch64'
-        run: |
-          sudo apt update -y
-          sudo apt install -y qemu-user-static
-
-      - name: install nix
-        if: matrix.arch != 'aarch64'
-        uses: DeterminateSystems/nix-installer-action@v7
-
-      - name: install nix (with aarch64)
-        if: matrix.arch == 'aarch64'
-        uses: DeterminateSystems/nix-installer-action@v7
-        with:
-          extra-conf: "extra-platforms = aarch64-linux arm-linux"
-
-      - name: setup cachix
-        uses: cachix/cachix-action@v12
-        with:
-          name: getchoo
-          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
-      - name: build ${{ matrix.attr }}
-        run: nix build -L --fallback .#${{ matrix.attr }}
-
-  check:
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [macos-latest, ubuntu-latest]
-
-    runs-on: ${{ matrix.os }}
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: install nix
-        uses: DeterminateSystems/nix-installer-action@v7
-
-      - name: setup cachix
-        uses: cachix/cachix-action@v12
-        with:
-          name: getchoo
-          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
-      - name: run check
-        run: nix flake check --show-trace
-
-  # https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
-  gate:
-    needs: [build, check]
-    runs-on: ubuntu-latest
-
-    if: always()
-
-    steps:
-      - name: exit with result
-        run: |
-          buildResult="${{ needs.build.result }}"
-          checkResult="${{ needs.check.result }}"
-
-          results=("$buildResult" "$checkResult")
-
-          for result in "${results[@]}"; do [ "$result" != "success" ] && exit 1; done
-
-          exit 0
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index e183191..939c811 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -1,31 +1,22 @@
 name: deploy systems
 
 on:
-  push:
-    branches: [main]
+  check_suite:
+    types: [completed]
   workflow_dispatch:
 
 jobs:
-  ci:
-    uses: ./.github/workflows/ci.yaml
-    secrets: inherit
-
   deploy:
-    needs: ci
     runs-on: ubuntu-latest
 
+    # only run after garnix
+    if: github.event.app.slug == 'garnix-ci'
     steps:
       - uses: actions/checkout@v4
 
       - name: install nix
         uses: nixbuild/nix-quick-install-action@v26
 
-      - name: setup cachix
-        uses: cachix/cachix-action@v12
-        with:
-          name: getchoo
-          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
       - name: connect to tailscale
         uses: tailscale/github-action@v2
         with: