From dff0b10145e84fb5cb83573601f60c27c90df5cb Mon Sep 17 00:00:00 2001 From: Thiago Kenji Okada Date: Wed, 20 Sep 2023 15:22:00 +0100 Subject: [PATCH] actions: add separate validate flakes step --- .github/workflows/build-and-cache.yml | 8 +++--- .github/workflows/update-flakes-darwin.yml | 3 ++- .github/workflows/update-flakes.yml | 3 ++- .github/workflows/validate-flakes.yml | 31 ++++++++++++++++++++++ actions/build-and-cache.nix | 6 ++--- actions/steps.nix | 17 +++++++++--- actions/update-flakes-darwin.nix | 2 +- actions/update-flakes.nix | 2 +- actions/validate-flakes.nix | 27 +++++++++++++++++++ flake.nix | 1 + 10 files changed, 85 insertions(+), 15 deletions(-) create mode 100644 .github/workflows/validate-flakes.yml create mode 100644 actions/validate-flakes.nix diff --git a/.github/workflows/build-and-cache.yml b/.github/workflows/build-and-cache.yml index dc7c4406..db96a514 100644 --- a/.github/workflows/build-and-cache.yml +++ b/.github/workflows/build-and-cache.yml @@ -15,7 +15,8 @@ jobs: - uses: actions/checkout@v4 - uses: cachix/install-nix-action@v22 with: - extra_nix_config: access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + extra_nix_config: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - uses: cachix/cachix-action@v12 with: @@ -24,8 +25,6 @@ jobs: name: thiagokokada-nix-configs - name: Set default git branch (to reduce log spam) run: git config --global init.defaultBranch master - - name: Check if all `.nix` files are formatted correctly - run: nix run '.#formatCheck' - name: 'Build Home-Manager configs for: home-linux, steamdeck' run: |- nix build --print-build-logs '.#homeConfigurations.home-linux.activationPackage' @@ -42,7 +41,8 @@ jobs: - uses: actions/checkout@v4 - uses: cachix/install-nix-action@v22 with: - extra_nix_config: access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + extra_nix_config: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - uses: cachix/cachix-action@v12 with: diff --git a/.github/workflows/update-flakes-darwin.yml b/.github/workflows/update-flakes-darwin.yml index eac04a41..8a55ebae 100644 --- a/.github/workflows/update-flakes-darwin.yml +++ b/.github/workflows/update-flakes-darwin.yml @@ -6,7 +6,8 @@ jobs: - uses: actions/checkout@v4 - uses: cachix/install-nix-action@v22 with: - extra_nix_config: access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + extra_nix_config: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - uses: cachix/cachix-action@v12 with: diff --git a/.github/workflows/update-flakes.yml b/.github/workflows/update-flakes.yml index 8182a20e..80ffda7c 100644 --- a/.github/workflows/update-flakes.yml +++ b/.github/workflows/update-flakes.yml @@ -15,7 +15,8 @@ jobs: - uses: actions/checkout@v4 - uses: cachix/install-nix-action@v22 with: - extra_nix_config: access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + extra_nix_config: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} nix_path: nixpkgs=channel:nixos-unstable - name: Set default git branch (to reduce log spam) run: git config --global init.defaultBranch master diff --git a/.github/workflows/validate-flakes.yml b/.github/workflows/validate-flakes.yml new file mode 100644 index 00000000..50098866 --- /dev/null +++ b/.github/workflows/validate-flakes.yml @@ -0,0 +1,31 @@ +jobs: + build-linux: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v22 + with: + extra_nix_config: | + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + system = aarch64-linux + nix_path: nixpkgs=channel:nixos-unstable + - name: Setup aarch64-linux + run: | + DEBIAN_FRONTEND=noninteractive + sudo apt-get update -q -y + sudo apt-get install -q -y qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static + - uses: cachix/cachix-action@v12 + with: + authToken: ${{ secrets.CACHIX_TOKEN }} + extraPullNames: nix-community + name: thiagokokada-nix-configs + - name: Set default git branch (to reduce log spam) + run: git config --global init.defaultBranch master + - name: Check if all `.nix` files are formatted correctly + run: nix run '.#formatCheck' + - name: Validate Flakes + run: nix flake check +name: validate-flakes +"on": + - push + - workflow_dispatch diff --git a/actions/build-and-cache.nix b/actions/build-and-cache.nix index c597bed4..2cd464ce 100644 --- a/actions/build-and-cache.nix +++ b/actions/build-and-cache.nix @@ -12,11 +12,9 @@ with constants; steps = with steps; [ maximimizeBuildSpaceStep checkoutStep - installNixActionStep + (installNixActionStep { }) cachixActionStep setDefaultGitBranchStep - checkNixStep - # validateFlakesStep (buildHomeManagerConfigurations { }) (buildNixOSConfigurations { }) ]; @@ -25,7 +23,7 @@ with constants; inherit (constants.macos) runs-on; steps = with steps; [ checkoutStep - installNixActionStep + (installNixActionStep { }) cachixActionStep setDefaultGitBranchStep (buildHomeManagerConfigurations { hostnames = home-manager.darwin.hostnames; }) diff --git a/actions/steps.nix b/actions/steps.nix index 60ae79d1..9dee89e9 100644 --- a/actions/steps.nix +++ b/actions/steps.nix @@ -20,13 +20,16 @@ with constants; checkoutStep = { uses = actions.checkout; }; - installNixActionStep = { + installNixActionStep = { extraNixConfig ? "" }: { uses = actions.install-nix-action; "with" = { - # Need to define a channel, otherwise it wiill use bash from environment + # Need to define a channel, otherwise it will use bash from environment nix_path = "nixpkgs=channel:nixos-unstable"; # Should avoid GitHub API rate limit - extra_nix_config = "access-tokens = github.com=\${{ secrets.GITHUB_TOKEN }}"; + extra_nix_config = builtins.concatStringsSep "\n" [ + "access-tokens = github.com=\${{ secrets.GITHUB_TOKEN }}" + extraNixConfig + ]; }; }; cachixActionStep = { @@ -104,4 +107,12 @@ with constants; diffIds)); }; }; + setupAarch64 = { + name = "Setup aarch64-linux"; + run = '' + DEBIAN_FRONTEND=noninteractive + sudo apt-get update -q -y + sudo apt-get install -q -y qemu-system-aarch64 qemu-efi binfmt-support qemu-user-static + ''; + }; } diff --git a/actions/update-flakes-darwin.nix b/actions/update-flakes-darwin.nix index a2b0ca35..2bfb9a11 100644 --- a/actions/update-flakes-darwin.nix +++ b/actions/update-flakes-darwin.nix @@ -18,7 +18,7 @@ with constants; "if" = "\${{ github.event.workflow_run.conclusion == 'success' }}"; steps = with steps; [ checkoutStep - installNixActionStep + (installNixActionStep { }) cachixActionStep setDefaultGitBranchStep (buildHomeManagerConfigurations { hostnames = home-manager.darwin.hostnames; }) diff --git a/actions/update-flakes.nix b/actions/update-flakes.nix index 5b594b85..78b64308 100644 --- a/actions/update-flakes.nix +++ b/actions/update-flakes.nix @@ -16,7 +16,7 @@ with constants; steps = with steps; [ maximimizeBuildSpaceStep checkoutStep - installNixActionStep + (installNixActionStep { }) setDefaultGitBranchStep cachixActionStep # (buildNixOSConfigurations { hostnames = [ (first nixos.hostnames) ]; extraNixFlags = [ "-o /tmp/nixos_old" ]; }) diff --git a/actions/validate-flakes.nix b/actions/validate-flakes.nix new file mode 100644 index 00000000..f21d67ab --- /dev/null +++ b/actions/validate-flakes.nix @@ -0,0 +1,27 @@ +let + steps = import ./steps.nix; + constants = import ./constants.nix; +in +with constants; +{ + name = "validate-flakes"; + on = [ "push" "workflow_dispatch" ]; + jobs = { + build-linux = { + inherit (ubuntu) runs-on; + steps = with steps; [ + checkoutStep + (installNixActionStep { + extraNixConfig = '' + system = aarch64-linux + ''; + }) + setupAarch64 + cachixActionStep + setDefaultGitBranchStep + checkNixStep + validateFlakesStep + ]; + }; + }; +} diff --git a/flake.nix b/flake.nix index 8a98f455..e64abc54 100644 --- a/flake.nix +++ b/flake.nix @@ -179,6 +179,7 @@ "build-and-cache" "update-flakes" "update-flakes-darwin" + "validate-flakes" ]) ]); # END recursiveMergeAttrs }