nixos: Adjust Nix store warning for environmentFile #250
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
pull_request: | |
push: | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ghcr.io/${{ github.repository }} | |
jobs: | |
tests: | |
strategy: | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-latest | |
nix: | |
- "2.20" | |
- "2.24" | |
- "default" | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
- name: Install current Bash on macOS | |
if: runner.os == 'macOS' | |
run: | | |
command -v brew && brew install bash || true | |
- uses: DeterminateSystems/nix-installer-action@v14 | |
continue-on-error: true # Self-hosted runners already have Nix installed | |
- name: Install Attic | |
run: | | |
if ! command -v attic &> /dev/null; then | |
./.github/install-attic-ci.sh | |
fi | |
- name: Configure Attic | |
continue-on-error: true | |
run: | | |
: "${ATTIC_SERVER:=https://staging.attic.rs/}" | |
: "${ATTIC_CACHE:=attic-ci}" | |
echo ATTIC_CACHE=$ATTIC_CACHE >>$GITHUB_ENV | |
export PATH=$HOME/.nix-profile/bin:$PATH # FIXME | |
attic login --set-default ci "$ATTIC_SERVER" "$ATTIC_TOKEN" | |
attic use "$ATTIC_CACHE" | |
env: | |
ATTIC_SERVER: ${{ secrets.ATTIC_SERVER }} | |
ATTIC_CACHE: ${{ secrets.ATTIC_CACHE }} | |
ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }} | |
- name: Cache dev shell | |
run: | | |
.ci/cache-shell.sh | |
system=$(nix-instantiate --eval -E 'builtins.currentSystem') | |
echo system=$system >>$GITHUB_ENV | |
- name: Run unit tests | |
run: | | |
.ci/run just ci-unit-tests ${{ matrix.nix }} | |
- name: Build WebAssembly crates | |
if: runner.os == 'Linux' | |
run: | | |
.ci/run just ci-build-wasm | |
# TODO: Just take a diff of the list of store paths, also abstract all of this out | |
- name: Push build artifacts | |
run: | | |
export PATH=$HOME/.nix-profile/bin:$PATH # FIXME | |
if [ -n "$ATTIC_TOKEN" ]; then | |
nix build --no-link --print-out-paths -L \ | |
.#internalMatrix."$system".\"${{ matrix.nix }}\".attic-tests \ | |
.#internalMatrix."$system".\"${{ matrix.nix }}\".cargoArtifacts \ | |
| xargs attic push "ci:$ATTIC_CACHE" | |
fi | |
image: | |
runs-on: ubuntu-latest | |
if: github.event_name == 'push' | |
needs: | |
- tests | |
permissions: | |
contents: read | |
packages: write | |
steps: | |
- uses: actions/checkout@v4.1.7 | |
- name: Install current Bash on macOS | |
if: runner.os == 'macOS' | |
run: | | |
command -v brew && brew install bash || true | |
- uses: DeterminateSystems/nix-installer-action@v14 | |
continue-on-error: true # Self-hosted runners already have Nix installed | |
- name: Install Attic | |
run: | | |
if ! command -v attic &> /dev/null; then | |
./.github/install-attic-ci.sh | |
fi | |
- name: Configure Attic | |
continue-on-error: true | |
run: | | |
: "${ATTIC_SERVER:=https://staging.attic.rs/}" | |
: "${ATTIC_CACHE:=attic-ci}" | |
echo ATTIC_CACHE=$ATTIC_CACHE >>$GITHUB_ENV | |
export PATH=$HOME/.nix-profile/bin:$PATH # FIXME | |
attic login --set-default ci "$ATTIC_SERVER" "$ATTIC_TOKEN" | |
attic use "$ATTIC_CACHE" | |
env: | |
ATTIC_SERVER: ${{ secrets.ATTIC_SERVER }} | |
ATTIC_CACHE: ${{ secrets.ATTIC_CACHE }} | |
ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }} | |
- name: Cache dev shell | |
run: | | |
.ci/cache-shell.sh | |
system=$(nix-instantiate --eval -E 'builtins.currentSystem') | |
echo system=$system >>$GITHUB_ENV | |
- name: Log in to the Container registry | |
uses: docker/login-action@v3.3.0 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build and push container images | |
continue-on-error: true | |
run: | | |
declare -a tags | |
tags+=("${{ github.sha }}") | |
branch=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') | |
if [[ "${{ github.ref }}" == "refs/tags/"* ]]; then | |
tags+=("$(echo $branch | sed -e 's/^v//')") | |
else | |
tags+=("${branch}") | |
fi | |
if [ "$branch" == "${{ github.event.repository.default_branch }}" ]; then | |
tags+=("latest") | |
fi | |
>&2 echo "Image: ${IMAGE_NAME}" | |
>&2 echo "Tags: ${tags[@]}" | |
.ci/run just ci-build-and-push-images "${IMAGE_NAME}" "${tags[@]}" | |
# TODO: Just take a diff of the list of store paths, also abstract all of this out | |
- name: Push build artifacts | |
run: | | |
export PATH=$HOME/.nix-profile/bin:$PATH # FIXME | |
if [ -n "$ATTIC_TOKEN" ]; then | |
nix build --no-link --print-out-paths -L \ | |
.#attic-server-image \ | |
.#attic-server-image-aarch64 \ | |
| xargs attic push "ci:$ATTIC_CACHE" | |
fi |