kat/nixfiles
1
0
Fork 0
mirror of https://github.com/kittywitch/nixfiles.git synced 2026-02-09 04:19:19 -08:00
Code Issues Projects Releases Packages Wiki Activity

fix: add back CI module dependent functionality to CI

Browse source
This commit is contained in:
Kat Inskip 2024-07-13 12:28:19 -07:00
parent c5e8103b6b
commit 9d219f6d63
Signed by: kat
GPG key ID: 465E64DECEA8CF0F
12 changed files with 226 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

6
ci/flake-cron.nix
View file

@ -12,7 +12,10 @@ in {
name = "flake-update";
gh-actions = {
env.CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
env = {
CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}";
};
on = let
paths = [
"default.nix" # sourceCache
@ -40,6 +43,7 @@ in {
run = "nix run .#nf-update";
env = {
CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}";
NF_UPDATE_GIT_COMMIT = "1";
NF_UPDATE_CACHIX_PUSH = "1";
NF_CONFIG_ROOT = "\${{ github.workspace }}";

28
ci/nodes.nix
View file

@ -11,18 +11,32 @@ with lib; {
name = "nodes";
jobs = let
enabledSystems = filterAttrs (_: system: system.config.nixpkgs.system == "x86_64-linux") channels.nixfiles.nixosConfigurations;
mkSystemJob = name: system: nameValuePair "${name}" {
tasks.system = {
inputs = channels.nixfiles.nixosConfigurations.${name}.config.system.build.toplevel;
#warn = system.config.ci.allowFailure;
enabledNixOSSystems = filterAttrs (_: system: system.config.ci.enable) channels.nixfiles.systems;
mkNixOSSystemJob = name: system: nameValuePair "${name}" {
step.build-system-wrapper = {
name = "Build ${name} system closure";
order = 500;
run = "nix run .#nf-build-system -- nixosConfigurations.${name}.config.system.build.topLevel ${name} NixOS";
env = {
CACHIX_SIGNING_KEY = "\${{ secrets.CACHIX_SIGNING_KEY }}";
DISCORD_WEBHOOK_LINK = "\${{ secrets.DISCORD_WEBHOOK_LINK }}";
NF_UPDATE_GIT_COMMIT = "1";
NF_UPDATE_CACHIX_PUSH = "1";
NF_CONFIG_ROOT = "\${{ github.workspace }}";
};
};
tasks = {
system = {
inputs = channels.nixfiles.nixosConfigurations.${name}.config.system.build.toplevel;
warn = system.config.ci.allowFailure;
};
};
};
systemJobs = mapAttrs' mkSystemJob enabledSystems;
nixOSSystemJobs = mapAttrs' mkNixOSSystemJob enabledNixOSSystems;
in {
packages = { ... }: {
imports = [ ./packages.nix ];
};
} // systemJobs;
} // nixOSSystemJobs;
};
}

5
ci/secrets.yaml
View file

@ -1,3 +1,4 @@
DISCORD_WEBHOOK_LINK: ENC[AES256_GCM,data:kXi3OD8JbBxC2efNKcoKqzkiMN2MSjkalXf+62On9H8bbAXwD6oel7U6VaNyqTdmmG/7l+zo/uDKt/fdtKnaihlnaJJNlSwBXgm686RwKnuRR+5JEom0vCijrUCuGuvZj6AGimJYC01B47/MmTafm3rZmVZGwOwfIg==,iv:XI+u68gWqzVQ6dv7GyCkWP5LnViCLUwIKevyEnozVis=,tag:LIIB+FEg5mMfRmJ7SLGGRQ==,type:str]
CACHIX_AUTH_TOKEN: ENC[AES256_GCM,data:oezH26CAPPAXFvbtqlmEfa/X6XADQHCoObajgoaUKB8cdtI6mVnsZfmYNVgcyQzmyPhcKcqG7X1d0SYNuJW1dI2eByKvWSWUwY5N2f0994/Hd1NB3s7E3dq1EZtkZqDyFJMSchQT7xkJtEMqzdQnQhL3Au2zaP0+m6hhmkxqIet6H1Yu4n+hGBkunzF26l0VTPsPiek=,iv:ODlzphfJOsrPp0Vb/vABkES74a2wbesrRFQKGeCY2Qs=,tag:/wAItpFQmQ4KNT0ZNo1ehg==,type:str]
sops:
shamir_threshold: 1
@ -69,8 +70,8 @@ sops:
S1dxenc5M3ZhMTR3SEpqR3FxT20rdGMK4YtZe6NDBx5/LM6rbGuoXLrBEicOhDSx
azOPjHWLN+B2JdgBpemI9NDOfBWL+t/VGx00w40PUq7FsCYdoBmHtQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-07-13T18:21:10Z"
mac: ENC[AES256_GCM,data:6vjYEY6WsfXGHxryL3ypqlmRGbsgEse0WohV9N4Oepl+NDsmhsXraeSJsfQNwDgXHc7Hk6n7ORTeogXeVABMpeYZyOJnbzzfm5recAaXtB8Jq2yDC69KvS4Xuk9WzqmacLieeaZ5K1vET4hD0q52cBJtvRzgmJ2SAfEyXIeucO0=,iv:mzMAOI+aTzuGfQ4qyMTIv2QYYbXcaKcx9Wlfv7aY0CY=,tag:kwwdh7Ic0UtYqYJ1y6VqPw==,type:str]
lastmodified: "2024-07-13T20:01:47Z"
mac: ENC[AES256_GCM,data:bXjy4R50FqQg7kXdFO7CoylAJYlGFFsgcIw6Wp63lD/MXChPyPrXdxaoDkZb8T3FmzfgWOjiiBn98tN5xSH3e/eOST3SAjlIp6vrI6oNw+I4NLoSJ6xOQcF3OLxErzuQLffK7Gn+EfjUmJjZpyuLced9jyRVPOYKoAweFeeRTuI=,iv:E9B2/HdSL7/56KU5A0HvGiJqDUGodfdN3YDpAlO0To4=,tag:Xr1XzjmCiePtdES6JliuCw==,type:str]
pgp:
- created_at: "2024-07-13T18:20:50Z"
enc: |-