From 0023fb27b2881b70db27850d1fd926f34db04043 Mon Sep 17 00:00:00 2001 From: Ziping Sun Date: Sat, 15 Jun 2024 23:57:35 +0800 Subject: [PATCH] ci(check): add check workflow --- .envrc | 2 +- .github/workflows/check.yaml | 34 ++++++++++++++++++++++++++++++++++ flake.lock | 21 +++++++++++++++++++++ flake.nix | 8 ++++++++ pkgs/flake-module.nix | 2 +- 5 files changed, 65 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/check.yaml diff --git a/.envrc b/.envrc index c8912e7..b5cdfde 100644 --- a/.envrc +++ b/.envrc @@ -1,3 +1,3 @@ # shellcheck disable=SC2148 watch_file flake/**/*.nix -use flake +use flake . --accept-flake-config diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml new file mode 100644 index 0000000..8931664 --- /dev/null +++ b/.github/workflows/check.yaml @@ -0,0 +1,34 @@ +name: "Check" +on: + push: + branches: + - "master" + pull_request: + branches: + - "master" + workflow_dispatch: + +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v27 + with: + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + experimental-features = nix-command flakes + access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} + - uses: DeterminateSystems/magic-nix-cache-action@v7 + - uses: cachix/cachix-action@v15 + with: + name: sunziping2016 + # Create a personal auth token from https://app.cachix.org/personal-auth-tokens, + # login to cachix, and then generate a signing key and provision it. + # cachix authtoken --stdin # paste personal auth token + # cachix generate-keypair sunziping2016 + # gh secret set CACHIX_SIGNING_KEY # paste signing key + signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}" + - run: nix flake show + - run: nix flake check --all-systems + - run: nix build .#nixosConfigurations.aliyun-hz2.config.system.build.toplevel -L diff --git a/flake.lock b/flake.lock index 6ade011..6463d42 100644 --- a/flake.lock +++ b/flake.lock @@ -204,6 +204,26 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703863825, + "narHash": "sha256-rXwqjtwiGKJheXB43ybM8NwWB8rO2dSRrEqes0S7F5Y=", + "owner": "nix-community", + "repo": "nix-github-actions", + "rev": "5163432afc817cf8bd1f031418d1869e4c9d5547", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixago": { "inputs": { "flake-utils": [ @@ -284,6 +304,7 @@ "git-hooks-nix": "git-hooks-nix", "gitignore-nix": "gitignore-nix", "impermanence": "impermanence", + "nix-github-actions": "nix-github-actions", "nixago": "nixago", "nixago-exts": "nixago-exts", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index c304d3d..7282ca0 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,11 @@ { description = "Ziping Sun's NixOS configuration"; + nixConfig.extra-substituters = [ "https://sunziping2016.cachix.org" ]; + nixConfig.extra-trusted-public-keys = [ + "sunziping2016.cachix.org-1:7g2G+myu9428IcIKO83W9efXq+uGR1u4C3LR//yVpUc=" + ]; + inputs = { # nixpkgs @@ -67,6 +72,9 @@ gitignore-nix.url = "github:hercules-ci/gitignore.nix"; gitignore-nix.inputs.nixpkgs.follows = "nixpkgs"; + + nix-github-actions.url = "github:nix-community/nix-github-actions"; + nix-github-actions.inputs.nixpkgs.follows = "nixpkgs"; }; outputs = diff --git a/pkgs/flake-module.nix b/pkgs/flake-module.nix index 1630dd1..365627d 100644 --- a/pkgs/flake-module.nix +++ b/pkgs/flake-module.nix @@ -1,7 +1,7 @@ { ... }: { perSystem = - { pkgs, ... }: + { pkgs, config, ... }: let _ = pkgs.callPackages (import ./_sources/generated.nix) { }; in