-rw-r--r--.github/workflows/ci.yaml115
-rw-r--r--.github/workflows/deploy.yaml17
-rw-r--r--ci.nix28
-rw-r--r--flake.lock21
-rw-r--r--flake.nix12
-rw-r--r--garnix.yaml7
-rw-r--r--modules/shared/nix.nix4
-rw-r--r--workflow.nix16
8 files changed, 44 insertions, 176 deletions
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
deleted file mode 100644
index 144e259..0000000
--- a/.github/workflows/ci.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
-name: CI
-
-on:
- pull_request:
- workflow_dispatch:
- workflow_call:
- secrets:
- CACHIX_AUTH_TOKEN:
- required: false
-
-jobs:
- eval:
- runs-on: ubuntu-latest
-
- outputs:
- matrix: ${{ steps.generate.outputs.matrix }}
-
- steps:
- - uses: actions/checkout@v4
-
- - name: install nix
- uses: nixbuild/nix-quick-install-action@v26
-
- - name: setup cachix
- uses: cachix/cachix-action@v12
- with:
- name: getchoo
- authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
- - name: generate matrix
- id: generate
- run: |
- set -Eeu
- echo "matrix=$(nix eval --show-trace --json .#githubWorkflow.matrix)" >> "$GITHUB_OUTPUT"
-
- build:
- needs: eval
-
- strategy:
- fail-fast: false
- matrix: ${{ fromJSON(needs.eval.outputs.matrix) }}
-
- runs-on: ${{ matrix.os }}
-
- name: build (${{matrix.attr}})
-
- steps:
- - uses: actions/checkout@v4
-
- - name: setup qemu
- if: matrix.arch == 'aarch64'
- run: |
- sudo apt update -y
- sudo apt install -y qemu-user-static
-
- - name: install nix
- if: matrix.arch != 'aarch64'
- uses: DeterminateSystems/nix-installer-action@v7
-
- - name: install nix (with aarch64)
- if: matrix.arch == 'aarch64'
- uses: DeterminateSystems/nix-installer-action@v7
- with:
- extra-conf: "extra-platforms = aarch64-linux arm-linux"
-
- - name: setup cachix
- uses: cachix/cachix-action@v12
- with:
- name: getchoo
- authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
- - name: build ${{ matrix.attr }}
- run: nix build -L --fallback .#${{ matrix.attr }}
-
- check:
- strategy:
- fail-fast: false
- matrix:
- os: [macos-latest, ubuntu-latest]
-
- runs-on: ${{ matrix.os }}
-
- steps:
- - uses: actions/checkout@v4
-
- - name: install nix
- uses: DeterminateSystems/nix-installer-action@v7
-
- - name: setup cachix
- uses: cachix/cachix-action@v12
- with:
- name: getchoo
- authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
- - name: run check
- run: nix flake check --show-trace
-
- # https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
- gate:
- needs: [build, check]
- runs-on: ubuntu-latest
-
- if: always()
-
- steps:
- - name: exit with result
- run: |
- buildResult="${{ needs.build.result }}"
- checkResult="${{ needs.check.result }}"
-
- results=("$buildResult" "$checkResult")
-
- for result in "${results[@]}"; do [ "$result" != "success" ] && exit 1; done
-
- exit 0
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
index e183191..939c811 100644
--- a/.github/workflows/deploy.yaml
+++ b/.github/workflows/deploy.yaml
@@ -1,31 +1,22 @@
name: deploy systems
on:
- push:
- branches: [main]
+ check_suite:
+ types: [completed]
workflow_dispatch:
jobs:
- ci:
- uses: ./.github/workflows/ci.yaml
- secrets: inherit
-
deploy:
- needs: ci
runs-on: ubuntu-latest
+ # only run after garnix
+ if: github.event.app.slug == 'garnix-ci'
steps:
- uses: actions/checkout@v4
- name: install nix
uses: nixbuild/nix-quick-install-action@v26
- - name: setup cachix
- uses: cachix/cachix-action@v12
- with:
- name: getchoo
- authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
-
- name: connect to tailscale
uses: tailscale/github-action@v2
with:
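Review bot: The new job condition `if: github.event.app.slug == 'garnix-ci'` checks only which app produced the check suite, not its outcome or branch, so as written a deploy starts after any completed garnix run, including a failed one or one for a commit that is not on main. The removed `push: branches: [main]` and `needs: ci` enforced both; the `check_suite` payload carries equivalents, e.g. `if: github.event.app.slug == 'garnix-ci' && github.event.check_suite.conclusion == 'success' && github.event.check_suite.head_branch == 'main'`. The same condition is false on `workflow_dispatch`, where `github.event.app` is absent, so the manual trigger kept under `on:` probably no longer deploys unless `|| github.event_name == 'workflow_dispatch'` is added. On this event `actions/checkout` checks out the default-branch head rather than the commit garnix evaluated, so consider passing `ref: ${{ github.event.check_suite.head_sha }}`. The deploy job continues past the end of the hunk.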
diff --git a/ci.nix b/ci.nix
new file mode 100644
index 0000000..f05fbed
--- /dev/null
+++ b/ci.nix
@@ -0,0 +1,28 @@
+{self, ...}: {
+ perSystem = {
+ lib,
+ pkgs,
+ system,
+ config,
+ ...
+ }: let
+ # get applicable system configurations
+ configurations = lib.getAttrs ["darwinConfigurations" "homeConfigurations" "nixosConfigurations"] self;
+
+ systems = lib.pipe (builtins.attrValues configurations) [
+ (builtins.foldl' (acc: attr: acc // attr) {})
+ (lib.filterAttrs (_: v: v.pkgs.system == system))
+ (lib.mapAttrsToList (_: v: v.config.system.build.toplevel or v.activationPackage))
+ ];
+ in {
+ checks = {
+ ciGate = pkgs.runCommand "ci-gate" {
+ nativeBuildInputs = lib.concatLists [
+ systems
+ # and other checks
+ (builtins.attrValues (builtins.removeAttrs config.checks ["ciGate"]))
+ ];
+ } "touch $out";
+ };
+ };
+}
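Review bot: In the `systems` pipeline, `builtins.foldl' (acc: attr: acc // attr) {}` merges the darwin, home and NixOS configuration sets by attribute name before filtering, so two configurations that share a name across those sets collapse to one and the other silently drops out of `ciGate`. Because garnix.yaml builds `checks.*.*` and the deploy workflow now waits on garnix, a configuration missing from the gate could be deployed without having been built. Avoiding the merge keeps every entry: `(lib.concatMap builtins.attrValues)`, then `(builtins.filter (v: v.pkgs.system == system))`, then `(map (v: v.config.system.build.toplevel or v.activationPackage))`. A short comment on `ciGate` would also help, saying that `nativeBuildInputs` is used only to force these derivations to build and that `ciGate` is removed from `config.checks`, presumably to avoid self-reference.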
diff --git a/flake.lock b/flake.lock
index 5e38898..45c078f 100644
--- a/flake.lock
+++ b/flake.lock
@@ -298,26 +298,6 @@
"type": "github"
}
},
- "nix2workflow": {
- "inputs": {
- "nixpkgs-lib": [
- "nixpkgs"
- ]
- },
- "locked": {
- "lastModified": 1699416125,
- "narHash": "sha256-IQHjxELWK6DBWbqYwggO4Q9gJbOm0XS3aCgMRzQWwZU=",
- "owner": "getchoo",
- "repo": "nix2workflow",
- "rev": "f1de38cfea711e9a788794b5a658298b4062defb",
- "type": "github"
- },
- "original": {
- "owner": "getchoo",
- "repo": "nix2workflow",
- "type": "github"
- }
- },
"nixinate": {
"inputs": {
"nixpkgs": [
@@ -503,7 +483,6 @@
"hm": "hm",
"lanzaboote": "lanzaboote",
"nix-index-database": "nix-index-database",
- "nix2workflow": "nix2workflow",
"nixinate": "nixinate",
"nixos-hardware": "nixos-hardware",
"nixos-wsl": "nixos-wsl",
diff --git a/flake.nix b/flake.nix
index 501c88d..f342e34 100644
--- a/flake.nix
+++ b/flake.nix
@@ -2,8 +2,8 @@
description = "getchoo's flake for system configurations";
nixConfig = {
- extra-substituters = ["https://getchoo.cachix.org"];
- extra-trusted-public-keys = ["getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE="];
+ extra-substituters = ["https://cache.garnix.io"];
+ extra-trusted-public-keys = ["cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="];
};
inputs = {
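Review bot: The new `extra-trusted-public-keys` entry means every machine that accepts this flake's `nixConfig` will install store paths signed by a third-party CI service's key without rebuilding them, and nothing in the hunk records where that key value was obtained. A comment above it, such as `# garnix cache signing key, taken from <source URL>; re-verify against upstream before changing`, would let a later reader check the value. The same key is added to `trusted-public-keys` in the modules/shared/nix.nix hunk, where the same comment applies. In that hunk `trusted-substituters` only permits the cache to be selected; unless `substituters` is set somewhere not shown, the systems would trust the key but not query the cache by default.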
@@ -76,11 +76,6 @@
};
};
- nix2workflow = {
- url = "github:getchoo/nix2workflow";
- inputs.nixpkgs-lib.follows = "nixpkgs";
- };
-
nixinate = {
url = "github:MatthewCroughan/nixinate";
inputs.nixpkgs.follows = "nixpkgs";
@@ -131,14 +126,13 @@
parts.lib.mkFlake {inherit inputs;} {
imports = [
inputs.pre-commit.flakeModule
- inputs.nix2workflow.flakeModule
./modules
./overlay
./systems
./users
+ ./ci.nix
./dev.nix
- ./workflow.nix
];
systems = [
diff --git a/garnix.yaml b/garnix.yaml
new file mode 100644
index 0000000..1f0346c
--- /dev/null
+++ b/garnix.yaml
@@ -0,0 +1,7 @@
+builds:
+ exclude: []
+ include:
+ - "checks.*.*"
+ - "devShells.x86_64-linux.default"
+ - "nixosConfigurations.*"
+ - "homeConfigurations.seth"
diff --git a/modules/shared/nix.nix b/modules/shared/nix.nix
index 72c3e00..d496f72 100644
--- a/modules/shared/nix.nix
+++ b/modules/shared/nix.nix
@@ -19,8 +19,8 @@
auto-optimise-store = pkgs.stdenv.isLinux;
experimental-features = lib.mkDefault ["nix-command" "flakes" "auto-allocate-uids" "repl-flake"];
- trusted-substituters = lib.mkDefault ["https://getchoo.cachix.org"];
- trusted-public-keys = lib.mkDefault ["getchoo.cachix.org-1:ftdbAUJVNaFonM0obRGgR5+nUmdLMM+AOvDOSx0z5tE="];
+ trusted-substituters = lib.mkDefault ["https://cache.garnix.io"];
+ trusted-public-keys = lib.mkDefault ["cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="];
nix-path = config.nix.nixPath;
};
diff --git a/workflow.nix b/workflow.nix
deleted file mode 100644
index e9cec5d..0000000
--- a/workflow.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- githubWorkflowGenerator = {
- outputs = [
- "checks"
- "devShells"
- "darwinConfigurations"
- "nixosConfigurations"
- "homeConfigurations"
- ];
-
- overrides = {
- checks.systems = ["x86_64-linux"];
- devShells.systems = ["x86_64-linux" "x86_64-darwin"];
- };
- };
-}