althaea.zone / wire
ALPHA: wire is a tool to deploy nixos systems wire.althaea.zone/
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

add build.yml (#447)

authored by

marshmallow and committed by
GitHub 620edcd3 6e0b79c5

+144 -1
+143
.github/workflows/build.yml
··· 1 + --- 2 + name: "Build" 3 + on: 4 + pull_request: 5 + push: 6 + jobs: 7 + pre-job: 8 + continue-on-error: true 9 + runs-on: ubuntu-latest 10 + permissions: {} 11 + outputs: 12 + should_skip: ${{ steps.skip_check.outputs.should_skip }} 13 + steps: 14 + - id: skip_check 15 + uses: fkirc/skip-duplicate-actions@04a1aebece824b56e6ad6a401d015479cd1c50b3 16 + with: 17 + concurrent_skipping: "same_content_newer" 18 + cancel_others: "true" 19 + find-jobs: 20 + runs-on: ubuntu-latest 21 + needs: pre-job 22 + permissions: 23 + contents: read 24 + if: needs.pre-job.outputs.should_skip != 'true' 25 + outputs: 26 + packages: ${{ steps.x86_64.outputs.packages }} 27 + tests: ${{ steps.tests.outputs.tests }} 28 + steps: 29 + - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 30 + with: 31 + persist-credentials: false 32 + - uses: ./.github/actions/setup-nix 33 + - name: Find package jobs 34 + id: x86_64 35 + run: echo "packages=$(nix eval .#hydraJobs.packages.x86_64-linux --apply "builtins.attrNames" --json)" >> "$GITHUB_OUTPUT" 36 + - name: Find test Jobs 37 + id: tests 38 + run: echo "tests=$(nix eval .#hydraJobs.tests --apply "builtins.attrNames" --json)" >> "$GITHUB_OUTPUT" 39 + build-key-agent-aarch64: 40 + runs-on: blacksmith-8vcpu-ubuntu-2404-arm 41 + permissions: {} 42 + needs: pre-job 43 + if: needs.pre-job.outputs.should_skip != 'true' 44 + steps: 45 + - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 46 + with: 47 + persist-credentials: false 48 + - uses: ./.github/actions/setup-nix 49 + - name: Build 50 + run: nix build --print-build-logs --print-out-paths .#packages.aarch64-linux.agent > out.paths 51 + - name: Push 52 + run: | 53 + echo "$SIGNING_KEY" | nix store sign --key-file /dev/stdin "$(< out.paths)" 54 + nix copy --to "s3://wire-cache?write-nar-listing=1&ls-compression=br&log-compression=br&endpoint=s3.us-east-005.backblazeb2.com" "$(< out.paths)" 55 + env: 56 + SIGNING_KEY: ${{ secrets.SIGNING_KEY }} 57 + AWS_ACCESS_KEY_ID: ${{ secrets.CACHE_AWS_ID }} 58 + AWS_SECRET_ACCESS_KEY: ${{ secrets.CACHE_AWS_KEY }} 59 + build-key-agent-x86_64: 60 + runs-on: blacksmith-8vcpu-ubuntu-2404 61 + permissions: {} 62 + needs: pre-job 63 + if: needs.pre-job.outputs.should_skip != 'true' 64 + steps: 65 + - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 66 + with: 67 + persist-credentials: false 68 + - uses: ./.github/actions/setup-nix 69 + - name: Build 70 + run: nix build --print-build-logs --print-out-paths .#packages.x86_64-linux.agent > out.paths 71 + - name: Push 72 + run: | 73 + echo "$SIGNING_KEY" | nix store sign --key-file /dev/stdin "$(< out.paths)" 74 + nix copy --to "s3://wire-cache?write-nar-listing=1&ls-compression=br&log-compression=br&endpoint=s3.us-east-005.backblazeb2.com" "$(< out.paths)" 75 + env: 76 + SIGNING_KEY: ${{ secrets.SIGNING_KEY }} 77 + AWS_ACCESS_KEY_ID: ${{ secrets.CACHE_AWS_ID }} 78 + AWS_SECRET_ACCESS_KEY: ${{ secrets.CACHE_AWS_KEY }} 79 + build: 80 + runs-on: ${{ matrix.arch.runner }} 81 + needs: 82 + - find-jobs 83 + - build-key-agent-x86_64 84 + - build-key-agent-aarch64 85 + permissions: {} 86 + strategy: 87 + matrix: 88 + package: ${{ fromJSON(needs.find-jobs.outputs.packages) }} 89 + arch: 90 + - id: x86_64-linux 91 + runner: blacksmith-8vcpu-ubuntu-2404 92 + # disabled arm building, 93 + # currently handled by cachix and for development purposes i only use 94 + # x86_64 95 + # 96 + # - id: aarch64-linux 97 + # runner: blacksmith-8vcpu-ubuntu-2404-arm 98 + steps: 99 + - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 100 + with: 101 + persist-credentials: false 102 + - uses: ./.github/actions/setup-nix 103 + - name: Build 104 + run: | 105 + nix build --print-build-logs --print-out-paths .#hydraJobs.packages.${ARCH}.${MATRIX_PACKAGE} > out.paths 106 + env: 107 + MATRIX_PACKAGE: ${{ matrix.package }} 108 + ARCH: ${{ matrix.arch.id }} 109 + - name: Push 110 + run: | 111 + echo "$SIGNING_KEY" | nix store sign --key-file /dev/stdin "$(< out.paths)" 112 + nix copy --to "s3://wire-cache?write-nar-listing=1&ls-compression=br&log-compression=br&endpoint=s3.us-east-005.backblazeb2.com" "$(< out.paths)" 113 + env: 114 + SIGNING_KEY: ${{ secrets.SIGNING_KEY }} 115 + AWS_ACCESS_KEY_ID: ${{ secrets.CACHE_AWS_ID }} 116 + AWS_SECRET_ACCESS_KEY: ${{ secrets.CACHE_AWS_KEY }} 117 + tests: 118 + runs-on: blacksmith-8vcpu-ubuntu-2404 119 + needs: 120 + - find-jobs 121 + - build-key-agent-x86_64 122 + permissions: {} 123 + strategy: 124 + matrix: 125 + test: ${{ fromJSON(needs.find-jobs.outputs.tests) }} 126 + steps: 127 + - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 128 + with: 129 + persist-credentials: false 130 + - uses: ./.github/actions/setup-nix 131 + - name: Test 132 + run: | 133 + nix build --print-build-logs --print-out-paths .#hydraJobs.tests.${MATRIX_TEST} > out.paths 134 + env: 135 + MATRIX_TEST: ${{ matrix.test }} 136 + - name: Push 137 + run: | 138 + echo "$SIGNING_KEY" | nix store sign --key-file /dev/stdin "$(< out.paths)" 139 + nix copy --to "s3://wire-cache?write-nar-listing=1&ls-compression=br&log-compression=br&endpoint=s3.us-east-005.backblazeb2.com" "$(< out.paths)" 140 + env: 141 + SIGNING_KEY: ${{ secrets.SIGNING_KEY }} 142 + AWS_ACCESS_KEY_ID: ${{ secrets.CACHE_AWS_ID }} 143 + AWS_SECRET_ACCESS_KEY: ${{ secrets.CACHE_AWS_KEY }}
+1 -1
flake.nix
··· 57 57 inherit (self.packages.x86_64-linux) docs; 58 58 } 59 59 // lib.genAttrs [ "x86_64-linux" "aarch64-linux" ] (system: { 60 - inherit (self.packages.${system}) wire wire-small cargo-tests; 60 + inherit (self.packages.${system}) wire wire-small; 61 61 }); 62 62 63 63 tests = lib.filterAttrs (n: _: (lib.hasPrefix "vm" n)) self.checks.x86_64-linux;