From 09f06b3869c9d24ea2c257c10d963a74d349a691 Mon Sep 17 00:00:00 2001 From: Kat Inskip Date: Sat, 13 Jul 2024 16:43:26 -0700 Subject: [PATCH] fix: nodes? --- .github/workflows/nodes.yml | 130 +++++++++++++++++++----------------- ci/nodes.nix | 53 ++++++++------- 2 files changed, 93 insertions(+), 90 deletions(-) diff --git a/.github/workflows/nodes.yml b/.github/workflows/nodes.yml index 72aefe21..508601ac 100644 --- a/.github/workflows/nodes.yml +++ b/.github/workflows/nodes.yml @@ -31,64 +31,8 @@ jobs: args: -u .github/workflows/nodes.yml .ci/workflow.yml attrs: nixpkgs.diffutils command: diff - goliath: - name: goliath - runs-on: ubuntu-latest - steps: - - env: - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} - NF_CONFIG_ROOT: ${{ github.workspace }} - NF_UPDATE_CACHIX_PUSH: '1' - NF_UPDATE_GIT_COMMIT: '1' - id: goliath - name: Build goliath system closure - run: nix run .#nf-build-system -- nixosConfigurations.goliath.config.system.build.topLevel - goliath NixOS - koishi: - name: koishi - runs-on: ubuntu-latest - steps: - - env: - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} - NF_CONFIG_ROOT: ${{ github.workspace }} - NF_UPDATE_CACHIX_PUSH: '1' - NF_UPDATE_GIT_COMMIT: '1' - id: koishi - name: Build koishi system closure - run: nix run .#nf-build-system -- nixosConfigurations.koishi.config.system.build.topLevel - koishi NixOS - mai: - name: mai - runs-on: ubuntu-latest - steps: - - env: - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} - NF_CONFIG_ROOT: ${{ github.workspace }} - NF_UPDATE_CACHIX_PUSH: '1' - NF_UPDATE_GIT_COMMIT: '1' - id: mai - name: Build mai system closure - run: nix run .#nf-build-system -- nixosConfigurations.mai.config.system.build.topLevel - mai NixOS - mei: - name: mei - runs-on: ubuntu-latest - steps: - - env: - CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} - DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} - NF_CONFIG_ROOT: ${{ github.workspace }} - NF_UPDATE_CACHIX_PUSH: '1' - NF_UPDATE_GIT_COMMIT: '1' - id: mei - name: Build mei system closure - run: nix run .#nf-build-system -- nixosConfigurations.mei.config.system.build.topLevel - mei NixOS - packages: - name: nodes-packages + flake-update: + name: nodes-flake-update runs-on: ubuntu-latest steps: - id: checkout @@ -104,7 +48,7 @@ jobs: name: nix test dirty uses: arcnmx/ci/actions/nix/run@v0.7 with: - attrs: ci.job.packages.run.test + attrs: ci.job.flake-update.run.test command: ci-build-dirty quiet: false stdout: ${{ runner.temp }}/ci.build.dirty @@ -112,7 +56,7 @@ jobs: name: nix test build uses: arcnmx/ci/actions/nix/run@v0.7 with: - attrs: ci.job.packages.run.test + attrs: ci.job.flake-update.run.test command: ci-build-realise ignore-exit-code: true quiet: false @@ -123,7 +67,7 @@ jobs: name: nix test results uses: arcnmx/ci/actions/nix/run@v0.7 with: - attrs: ci.job.packages.run.test + attrs: ci.job.flake-update.run.test command: ci-build-summarise quiet: false stdin: ${{ runner.temp }}/ci.build.dirty @@ -135,10 +79,66 @@ jobs: name: nix test cache uses: arcnmx/ci/actions/nix/run@v0.7 with: - attrs: ci.job.packages.run.test + attrs: ci.job.flake-update.run.test command: ci-build-cache quiet: false stdin: ${{ runner.temp }}/ci.build.cache + goliath: + name: goliath + runs-on: ubuntu-latest + steps: + - env: + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} + NF_CONFIG_ROOT: ${{ github.workspace }} + NF_UPDATE_CACHIX_PUSH: '1' + NF_UPDATE_GIT_COMMIT: '1' + id: goliath + name: build system closure for goliath + run: nix run .#nf-build-system -- nixosConfigurations.goliath.config.system.build.topLevel + goliath NixOS + koishi: + name: koishi + runs-on: ubuntu-latest + steps: + - env: + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} + NF_CONFIG_ROOT: ${{ github.workspace }} + NF_UPDATE_CACHIX_PUSH: '1' + NF_UPDATE_GIT_COMMIT: '1' + id: koishi + name: build system closure for koishi + run: nix run .#nf-build-system -- nixosConfigurations.koishi.config.system.build.topLevel + koishi NixOS + mai: + name: mai + runs-on: ubuntu-latest + steps: + - env: + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} + NF_CONFIG_ROOT: ${{ github.workspace }} + NF_UPDATE_CACHIX_PUSH: '1' + NF_UPDATE_GIT_COMMIT: '1' + id: mai + name: build system closure for mai + run: nix run .#nf-build-system -- nixosConfigurations.mai.config.system.build.topLevel + mai NixOS + mei: + name: mei + runs-on: ubuntu-latest + steps: + - env: + CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }} + DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }} + NF_CONFIG_ROOT: ${{ github.workspace }} + NF_UPDATE_CACHIX_PUSH: '1' + NF_UPDATE_GIT_COMMIT: '1' + id: mei + name: build system closure for mei + run: nix run .#nf-build-system -- nixosConfigurations.mei.config.system.build.topLevel + mei NixOS yukari: name: yukari runs-on: ubuntu-latest @@ -150,7 +150,7 @@ jobs: NF_UPDATE_CACHIX_PUSH: '1' NF_UPDATE_GIT_COMMIT: '1' id: yukari - name: Build yukari system closure + name: build system closure for yukari run: nix run .#nf-build-system -- nixosConfigurations.yukari.config.system.build.topLevel yukari NixOS name: nodes @@ -158,7 +158,11 @@ name: nodes pull_request: paths: - '*' + - ci/nodes.nix + - .github/workflows/nodes.yml push: paths: - '*' + - ci/nodes.nix + - .github/workflows/nodes.yml workflow_dispatch: {} diff --git a/ci/nodes.nix b/ci/nodes.nix index f8314450..16301f04 100644 --- a/ci/nodes.nix +++ b/ci/nodes.nix @@ -1,14 +1,16 @@ { lib, - config, channels, - env, + config, ... }: -with lib; { +with lib; let + pkgs = channels.nixpkgs; +in { imports = [ ./common.nix ]; config = { name = "nodes"; + gh-actions = { env = { CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; @@ -17,11 +19,8 @@ with lib; { on = let paths = [ "*" -/* - "default.nix" - "ci/.nix" + "ci/nodes.nix" config.ci.gh-actions.path -*/ ]; in { push = { @@ -32,28 +31,28 @@ with lib; { }; workflow_dispatch = {}; }; + jobs = let + genericNixosBuildJob = name: system: nameValuePair "${name}" { + step.${name} = { + name = "build system closure for ${name}"; + order = 500; + run = "nix run .#nf-build-system -- nixosConfigurations.${name}.config.system.build.topLevel ${name} NixOS"; + env = { + CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; + DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; + NF_UPDATE_GIT_COMMIT = "1"; + NF_UPDATE_CACHIX_PUSH = "1"; + NF_CONFIG_ROOT = "\${{ github.workspace }}"; + }; + }; + }; + enabledNixosSystems = filterAttrs (_: system: system.config.ci.enable) channels.nixfiles.systems; + nixosBuildJobs = mapAttrs' genericNixosBuildJob enabledNixosSystems; + in nixosBuildJobs; + }; - jobs = let - enabledNixOSSystems = filterAttrs (_: system: system.config.ci.enable) channels.nixfiles.systems; - mkNixOSSystemJob = name: system: nameValuePair "${name}" { - step.${name} = { - name = "Build ${name} system closure"; - order = 500; - run = "nix run .#nf-build-system -- nixosConfigurations.${name}.config.system.build.topLevel ${name} NixOS"; - env = { - CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}"; - DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}"; - NF_UPDATE_GIT_COMMIT = "1"; - NF_UPDATE_CACHIX_PUSH = "1"; - NF_CONFIG_ROOT = "\${{ github.workspace }}"; - }; - }; - }; - nixOSSystemJobs = mapAttrs' mkNixOSSystemJob enabledNixOSSystems; - in nixOSSystemJobs; - }; jobs = { - packages = { ... }: { + flake-update = { ... }: { imports = [ ./packages.nix ]; }; };