diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml new file mode 100644 index 00000000..322d1fb5 --- /dev/null +++ b/.github/workflows/nix.yml @@ -0,0 +1,40 @@ +name: Build and cache with Nix + +on: + workflow_dispatch: + push: + paths: + - '**' + +jobs: + build-and-cache: + runs-on: ${{ matrix.os }} + timeout-minutes: 740 + strategy: + fail-fast: false + matrix: + os: [ubuntu-latest, macos-latest, macos-m1] + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set up Nix with caching + uses: kadena-io/setup-nix-with-cache/by-root@v3 + with: + cache_url: s3://nixcache.chainweb.com?region=us-east-1 + signing_private_key: ${{ secrets.NIX_CACHE_PRIVATE_KEY }} + + - name: Set up AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + aws-access-key-id: ${{ secrets.NIX_CACHE_AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.NIX_CACHE_AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Give root user AWS credentials + uses: kadena-io/setup-nix-with-cache/copy-root-aws-credentials@v3 + + - name: Build and cache artifacts + run: | + echo Building the project and its devShell + nix build .#check --log-lines 500 --show-trace diff --git a/flake.nix b/flake.nix index 2652655f..af866caf 100644 --- a/flake.nix +++ b/flake.nix @@ -29,8 +29,22 @@ defaultNix = import ./default.nix { inherit pkgs; }; flake = defaultNix.flake; executable = defaultNix.default; + # This package depends on other packages at buildtime, but its output does not + # depend on them. This way, we don't have to download the entire closure to verify + # that those packages build. + mkCheck = name: package: pkgs.runCommand ("check-"+name) {} '' + echo ${name}: ${package} + echo works > $out + ''; in flake // { packages.default = executable; packages.chainweb-data-docker = defaultNix.dockerImage; + + # Built by CI + packages.check = pkgs.runCommand "check" {} '' + echo ${self.packages.${system}.default} + echo ${mkCheck "devShell" flake.devShell} + echo works > $out + ''; }); }