Skip to content

chore(flake.lock): update #486

chore(flake.lock): update

chore(flake.lock): update #486

Workflow file for this run

# Based on:
# https://github.com/cuties-social/cuties-social-nixfiles/blob/14593a3014c32ce121529009d8d6564e45dd7e99/.github/workflows/build.yml
name: Build
on:
push:
branches:
- master
pull_request:
workflow_dispatch:
defaults:
run:
shell: bash -euo pipefail {0}
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
build:
env:
PR_JOB_SUMMARY: pr-job-summary
runs-on: ubuntu-24.04
strategy:
matrix:
machine:
- host: framework
platform: x86-64-linux
- host: cm3588
platform: aarch64-linux
permissions:
contents: read
pull-requests: write
steps:
- name: Free up disk space
uses: easimon/maximize-build-space@fc881a613ad2a34aca9c9624518214ebc21dfc0c # v10
with:
overprovision-lvm: true
remove-android: true
remove-codeql: true
remove-docker-images: true
remove-dotnet: true
remove-haskell: true
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- if: matrix.machine.platform == 'aarch64-linux'
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16
with:
extra-conf: |
extra-platforms = aarch64-linux
- name: Set up GitHub Actions cache
uses: DeterminateSystems/magic-nix-cache-action@87b14cf437d03d37989d87f0fa5ce4f5dc1a330b # v8
- name: Set up public cache
uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # v15
with:
name: tlvince-nixos-config
authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
# Does not work (in CI) with lanzaboote
# - name: Run flake check
# run: |
# CHECK_OUTPUT="${RUNNER_TEMP}/flake-check-output"
# nix flake check --no-build | tee "$CHECK_OUTPUT"
# [[ -s $CHECK_OUTPUT ]] || echo "No issues found by 'nix flake check'." > "$CHECK_OUTPUT"
# echo -e "## Flake check\n\`\`\`\n$(<$CHECK_OUTPUT)\n\`\`\`" | tee -a "$GITHUB_STEP_SUMMARY" "${RUNNER_TEMP}/${PR_JOB_SUMMARY}" >/dev/null
- name: Build
run: |
OUT_PATH="$(nix build .#nixosConfigurations.${{ matrix.machine.host }}.config.system.build.toplevel --print-out-paths)"
echo -e "\x1b[32;1mSuccessfully built .#nixosConfigurations.${{ matrix.machine.host }}\x1b[0m"
echo -e "## Build ${{ matrix.machine.host }}\n\`$OUT_PATH\`" | tee -a "$GITHUB_STEP_SUMMARY" "${RUNNER_TEMP}/${PR_JOB_SUMMARY}" >/dev/null
- name: Diff closures
if: github.event_name == 'pull_request'
run: |
HOST_DRV="nixosConfigurations.${{ matrix.machine.host }}.config.system.build.toplevel"
PREV_FLAKE="github:${GITHUB_REPOSITORY}"
NEXT_FLAKE="."
DIFF_OUTPUT="${RUNNER_TEMP}/nix-store-diff-closures-output"
nix store diff-closures "${PREV_FLAKE}#${HOST_DRV}" "${NEXT_FLAKE}#${HOST_DRV}" | tee "$DIFF_OUTPUT"
[[ -s "$DIFF_OUTPUT" ]] && sed -i 's/\x1b\[[0-9;]*m//g' "$DIFF_OUTPUT" || echo "No changes found" | tee "$DIFF_OUTPUT"
echo -e "## Closures difference\n\`\`\`\n$(<$DIFF_OUTPUT)\n\`\`\`" | tee -a "$GITHUB_STEP_SUMMARY" "${RUNNER_TEMP}/${PR_JOB_SUMMARY}" >/dev/null
- name: Add job summary to PR
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
if: github.event_name == 'pull_request'
with:
script: |
const { readFile } = require('node:fs/promises')
const comment = require('.github/scripts/comment')
const header = '# ${{ matrix.machine.host }}'
const body = await readFile('${{ runner.temp }}/${{ env.PR_JOB_SUMMARY }}', { encoding: 'utf8' })
await comment({ github, context, header, body })