nixfiles/.github/workflows/nodes.yml

env:
  CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
  CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
  CI_ALLOW_ROOT: '1'
  CI_CONFIG: ./ci/nodes.nix
  CI_PLATFORM: gh-actions
  DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }}
jobs:
  ci-check:
    name: nodes check
    runs-on: ubuntu-latest
    steps:
    - id: checkout
      name: git clone
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
        submodules: false
    - id: nix-install
      name: nix install
      uses: arcnmx/ci/actions/nix/install@v0.7
    - id: ci-action-build
      name: nix build ci.gh-actions.configFile
      uses: arcnmx/ci/actions/nix/build@v0.7
      with:
        attrs: ci.gh-actions.configFile
        out-link: .ci/workflow.yml
    - id: ci-action-compare
      name: gh-actions compare
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        args: -u .github/workflows/nodes.yml .ci/workflow.yml
        attrs: nixpkgs.diffutils
        command: diff
  nixos-mai:
    name: nodes-nixos-mai
    runs-on: ubuntu-latest
    steps:
    - id: checkout
      name: git clone
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
        submodules: false
    - id: nix-install
      name: nix install
      uses: arcnmx/ci/actions/nix/install@v0.7
    - env:
        CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
        DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }}
        NF_CONFIG_ROOT: ${{ github.workspace }}
        NF_UPDATE_CACHIX_PUSH: '1'
      id: mai
      name: build system closure for mai
      run: nix run .#nf-build-system -- nixosConfigurations.mai.config.system.build.toplevel
        mai NixOS
    - id: ci-dirty
      name: nix test dirty
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mai.run.test
        command: ci-build-dirty
        quiet: false
        stdout: ${{ runner.temp }}/ci.build.dirty
    - id: ci-test
      name: nix test build
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mai.run.test
        command: ci-build-realise
        ignore-exit-code: true
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
    - env:
        CI_EXIT_CODE: ${{ steps.ci-test.outputs.exit-code }}
      id: ci-summary
      name: nix test results
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mai.run.test
        command: ci-build-summarise
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
        stdout: ${{ runner.temp }}/ci.build.cache
    - env:
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
      id: ci-cache
      if: always()
      name: nix test cache
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mai.run.test
        command: ci-build-cache
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.cache
  nixos-mei:
    name: nodes-nixos-mei
    runs-on: ubuntu-latest
    steps:
    - id: checkout
      name: git clone
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
        submodules: false
    - id: nix-install
      name: nix install
      uses: arcnmx/ci/actions/nix/install@v0.7
    - env:
        CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
        DISCORD_WEBHOOK_LINK: ${{ secrets.DISCORD_WEBHOOK_LINK }}
        NF_CONFIG_ROOT: ${{ github.workspace }}
        NF_UPDATE_CACHIX_PUSH: '1'
      id: mei
      name: build system closure for mei
      run: nix run .#nf-build-system -- nixosConfigurations.mei.config.system.build.toplevel
        mei NixOS
    - id: ci-dirty
      name: nix test dirty
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mei.run.test
        command: ci-build-dirty
        quiet: false
        stdout: ${{ runner.temp }}/ci.build.dirty
    - id: ci-test
      name: nix test build
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mei.run.test
        command: ci-build-realise
        ignore-exit-code: true
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
    - env:
        CI_EXIT_CODE: ${{ steps.ci-test.outputs.exit-code }}
      id: ci-summary
      name: nix test results
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mei.run.test
        command: ci-build-summarise
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
        stdout: ${{ runner.temp }}/ci.build.cache
    - env:
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
      id: ci-cache
      if: always()
      name: nix test cache
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.nixos-mei.run.test
        command: ci-build-cache
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.cache
name: nodes
'on':
  pull_request:
    paths:
    - '*'
    - ci/nodes.nix
    - .github/workflows/nodes.yml
  push:
    paths:
    - '*'
    - ci/nodes.nix
    - .github/workflows/nodes.yml
  workflow_dispatch: {}