gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

update flake-cron ci

Browse source
This commit is contained in:
arcnmx 2023-04-18 06:53:09 -07:00
parent 805e5b6ac0
commit 5062c04e4d
7 changed files with 49 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.envrc
View file

@ -9,3 +9,4 @@ if [[ -e trusted/trusted/flake.nix ]]; then
fi
use flake
watch_file flake.lock

25
.github/workflows/flake-update.yml vendored
View file

@ -3,7 +3,6 @@ env:
CI_ALLOW_ROOT: '1'
CI_CONFIG: ./ci/flake-cron.nix
CI_PLATFORM: gh-actions
OPENSSH_PRIVATE_KEY: ${{ secrets.OPENSSH_PRIVATE_KEY }}
jobs:
ci-check:
name: flake-update check
@ -11,21 +10,22 @@ jobs:
steps:
- id: checkout
name: git clone
uses: actions/checkout@v1
uses: actions/checkout@v2
with:
fetch-depth: 0
submodules: false
- id: nix-install
name: nix install
uses: arcnmx/ci/actions/nix/install@nix2.4
uses: arcnmx/ci/actions/nix/install@nix2.4-broken
- id: ci-action-build
name: nix build ci.gh-actions.configFile
uses: arcnmx/ci/actions/nix/build@nix2.4
uses: arcnmx/ci/actions/nix/build@nix2.4-broken
with:
attrs: ci.gh-actions.configFile
out-link: .ci/workflow.yml
- id: ci-action-compare
name: gh-actions compare
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
args: -u .github/workflows/flake-update.yml .ci/workflow.yml
attrs: nixpkgs.diffutils
@ -36,15 +36,16 @@ jobs:
steps:
- id: checkout
name: git clone
uses: actions/checkout@v1
uses: actions/checkout@v2
with:
fetch-depth: 0
submodules: false
- id: nix-install
name: nix install
uses: arcnmx/ci/actions/nix/install@nix2.4
uses: arcnmx/ci/actions/nix/install@nix2.4-broken
- id: ci-setup
name: nix setup
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.flake-update.run.bootstrap
quiet: false
@ -55,7 +56,7 @@ jobs:
'
- id: ci-dirty
name: nix test dirty
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.flake-update.run.test
command: ci-build-dirty
@ -63,7 +64,7 @@ jobs:
stdout: ${{ runner.temp }}/ci.build.dirty
- id: ci-test
name: nix test build
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.flake-update.run.test
command: ci-build-realise
@ -74,7 +75,7 @@ jobs:
CI_EXIT_CODE: ${{ steps.ci-test.outputs.exit-code }}
id: ci-summary
name: nix test results
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.flake-update.run.test
command: ci-build-summarise
@ -86,7 +87,7 @@ jobs:
id: ci-cache
if: always()
name: nix test cache
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.flake-update.run.test
command: ci-build-cache

22
.github/workflows/nodes.yml vendored
View file

@ -9,21 +9,21 @@ jobs:
steps:
- id: checkout
name: git clone
uses: actions/checkout@v1
uses: actions/checkout@v2
with:
submodules: false
- id: nix-install
name: nix install
uses: arcnmx/ci/actions/nix/install@nix2.4
uses: arcnmx/ci/actions/nix/install@nix2.4-broken
- id: ci-action-build
name: nix build ci.gh-actions.configFile
uses: arcnmx/ci/actions/nix/build@nix2.4
uses: arcnmx/ci/actions/nix/build@nix2.4-broken
with:
attrs: ci.gh-actions.configFile
out-link: .ci/workflow.yml
- id: ci-action-compare
name: gh-actions compare
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
args: -u .github/workflows/nodes.yml .ci/workflow.yml
attrs: nixpkgs.diffutils
@ -34,15 +34,15 @@ jobs:
steps:
- id: checkout
name: git clone
uses: actions/checkout@v1
uses: actions/checkout@v2
with:
submodules: false
- id: nix-install
name: nix install
uses: arcnmx/ci/actions/nix/install@nix2.4
uses: arcnmx/ci/actions/nix/install@nix2.4-broken
- id: ci-setup
name: nix setup
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.tewi.run.bootstrap
quiet: false
@ -53,7 +53,7 @@ jobs:
'
- id: ci-dirty
name: nix test dirty
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.tewi.run.test
command: ci-build-dirty
@ -61,7 +61,7 @@ jobs:
stdout: ${{ runner.temp }}/ci.build.dirty
- id: ci-test
name: nix test build
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.tewi.run.test
command: ci-build-realise
@ -72,7 +72,7 @@ jobs:
CI_EXIT_CODE: ${{ steps.ci-test.outputs.exit-code }}
id: ci-summary
name: nix test results
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.tewi.run.test
command: ci-build-summarise
@ -84,7 +84,7 @@ jobs:
id: ci-cache
if: always()
name: nix test cache
uses: arcnmx/ci/actions/nix/run@nix2.4
uses: arcnmx/ci/actions/nix/run@nix2.4-broken
with:
attrs: ci.job.tewi.run.test
command: ci-build-cache

28
ci/flake-cron.nix
View file

@ -1,11 +1,13 @@
{ lib, channels, config, ... }:
with lib; {
with lib; let
gitBranch = "arc";
in {
name = "flake-update";
nixpkgs.args.localSystem = "x86_64-linux";
ci = {
version = "nix2.4";
version = "nix2.4-broken";
gh-actions = {
enable = true;
export = true;
@ -13,7 +15,6 @@ with lib; {
};
gh-actions.env.OPENSSH_PRIVATE_KEY = "\${{ secrets.OPENSSH_PRIVATE_KEY }}";
gh-actions.env.CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
@ -89,21 +90,14 @@ with lib; {
enable = false;
};
displayName = "flake update build";
environment = [ "OPENSSH_PRIVATE_KEY" "CACHIX_SIGNING_KEY" "GITHUB_REF" ];
environment = [ "CACHIX_SIGNING_KEY" "GITHUB_REF" ];
command =
let
main = (import ../.);
filteredHosts = [ "tewi" ];
nodeBuildString = concatMapStringsSep " && " (node: "nix build -Lf . network.nodes.nixos.${node}.deploy.system -o result-${node} && nix-collect-garbage -d") filteredHosts;
in
''
# ${toString builtins.currentTime}
if [[ -n $OPENSSH_PRIVATE_KEY ]]; then
mkdir ~/.ssh
echo "$OPENSSH_PRIVATE_KEY" > ~/.ssh/id_rsa
chmod 0600 ~/.ssh/id_rsa
fi
nix flake update
if git status --porcelain | grep -qF flake.lock; then
@ -114,15 +108,12 @@ with lib; {
cachix push kittywitch result*/ &
CACHIX_PUSH=$!
fi
if [[ -n $OPENSSH_PRIVATE_KEY ]]; then
git add flake.lock
export GIT_{COMMITTER,AUTHOR}_EMAIL=github@kittywit.ch
export GIT_{COMMITTER,AUTHOR}_NAME="flake cron job"
git commit --message="ci: flake update"
if [[ $GITHUB_REF = refs/heads/main ]]; then
GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" \
git push ssh://gitea@git.kittywit.ch:62954/kat/nixfiles.git HEAD:main
fi
if [[ $GITHUB_REF = refs/heads/${gitBranch} ]]; then
git push origin HEAD:${gitBranch}
fi
wait ''${CACHIX_PUSH-}
@ -135,7 +126,10 @@ with lib; {
};
};
ci.gh-actions.checkoutOptions.submodules = false;
ci.gh-actions.checkoutOptions = {
submodules = false;
fetch-depth = 0;
};
cache.cachix = {
arc = {

2
ci/nodes.nix
View file

@ -4,7 +4,7 @@
nixpkgs.args.localSystem = "x86_64-linux";
ci = {
version = "nix2.4";
version = "nix2.4-broken";
gh-actions = {
enable = true;
export = true;

14
flake.lock generated
View file

@ -20,16 +20,16 @@
"ci": {
"flake": false,
"locked": {
"lastModified": 1668974663,
"narHash": "sha256-HnZEJNJfXAVJsk/0r5NB/vPmQ5aj7OMiEBFnJrV8LIU=",
"lastModified": 1668974694,
"narHash": "sha256-usfZB+CIVltVzkGUNXIdp0L+Nuaa6+gjLxbHT+1THiA=",
"owner": "arcnmx",
"repo": "ci",
"rev": "21b6f5f3bfafb1fc41c01d151be1b7515f83a1af",
"rev": "56a0b866c1c2fedc25eac788fcead8cd229cb2b2",
"type": "github"
},
"original": {
"owner": "arcnmx",
"ref": "nix2.4",
"ref": "nix2.4-broken",
"repo": "ci",
"type": "github"
}
@ -665,11 +665,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1681821469,
"narHash": "sha256-CoEr/MiWFzLkC+BI8rC4naJobsOYTccx3D4kUvABsg8=",
"lastModified": 1681821695,
"narHash": "sha256-uwyBGo/9IALi97AfMuzkJroQQhV6hkybaZVdw6pRNG4=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "edb40ecd6734c7f4daab74e9fa6c08e524bb629a",
"rev": "5698b06b0731a2c15ff8c2351644427f8ad33993",
"type": "github"
},
"original": {

2
flake.nix
View file

@ -7,7 +7,7 @@
flake = false;
};
ci = {
url = "github:arcnmx/ci/nix2.4";
url = "github:arcnmx/ci/nix2.4-broken";
flake = false;
};
home-manager = {