-
Notifications
You must be signed in to change notification settings - Fork 5
123 lines (104 loc) · 4.21 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
# Copyright lowRISC contributors.
#
# SPDX-License-Identifier: MIT
name: CI
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
# Cancel existing runs if a pull request is pushed.
# For branch pushes, this will queue a new run and cancel the existing one. This allows the cache
# of the run to be used by the new run.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
jobs:
checks:
name: Quality Check
runs-on: nixos-23.11
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v24
- name: Nix Format Check
run: nix fmt -- . --check
- name: Run Nix Checks
run: nix flake check -L
build-plan:
# Save some computation. If the checks fail, don't build.
needs: checks
name: Generate Build Plan
runs-on: nixos-23.11
outputs:
attrs: ${{ steps.plan.outputs.ATTRS }}
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v24
with:
nix_path: nixpkgs=channel:nixos-23.11
extra_nix_config: |
substituters = https://nix-cache.lowrisc.org/public/ https://cache.nixos.org/
trusted-public-keys = nix-cache.lowrisc.org-public-1:O6JLD0yXzaJDPiQW1meVu32JIDViuaPtGDfjlOopU7o= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- name: Generate Build Plan
id: plan
run: |
REBUILD=()
echo '| Package | Status |' >> $GITHUB_STEP_SUMMARY
echo '|---------|--------|' >> $GITHUB_STEP_SUMMARY
for LINE in $(nix-shell -p nix-eval-jobs --run 'nix-eval-jobs --accept-flake-config --flake .#packages.x86_64-linux'); do
ATTR=$(echo "$LINE" | jq -r .attr)
OUTPUTS=$(echo "$LINE" | jq -r '.outputs | keys | join(",")')
# Check if all outputs are cached. We don't use nix-eval-jobs's cache check because it also includes local path
CACHED=y
for OUTPUT in ${OUTPUTS//,/ }; do
HASH=$(echo "$LINE" | jq -r ".outputs.$OUTPUT" | cut -d '/' -f4 | cut -d '-' -f1)
if ! curl -sSfL "https://nix-cache.lowrisc.org/public/$HASH.narinfo"; then
CACHED=n
fi
done
if [[ $CACHED == y ]]; then
echo "| $ATTR | ✅ Cached |" | tee -a $GITHUB_STEP_SUMMARY
else
REBUILD+=($ATTR)
echo "| $ATTR | ⏳ Need Rebuild |" | tee -a $GITHUB_STEP_SUMMARY
fi
done
echo 'ATTRS<<EOF' >> $GITHUB_OUTPUT
jq --null-input '$ARGS.positional' --args -- "${REBUILD[@]}" >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT
build:
needs: build-plan
name: Build
runs-on: nixos-23.11
# Matrix can't be empty, so skip the job entirely if nothing needs to be rebuilt.
if: fromJSON(needs.build-plan.outputs.attrs)[0] != null
strategy:
matrix:
attr: ${{fromJSON(needs.build-plan.outputs.attrs)}}
steps:
- name: checkout
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v24
with:
extra_nix_config: |
substituters = https://nix-cache.lowrisc.org/public/ https://cache.nixos.org/
trusted-public-keys = nix-cache.lowrisc.org-public-1:O6JLD0yXzaJDPiQW1meVu32JIDViuaPtGDfjlOopU7o= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
- name: Setup Cache
if: github.event_name != 'pull_request'
run: |
nix profile install nixpkgs#attic-client
attic login --set-default lowrisc https://nix-cache.lowrisc.org/ ${{ secrets.NIX_CACHE_TOKEN }}
- name: Build
run: |
# For derivations with multiple outputs, this produces a list that references all the outputs.
OUTPUTS=$(nix eval .#${{ matrix.attr }} --apply 'd: d.outputs' --json | jq -r 'map(".#${{ matrix.attr }}." + .) | join(" ")')
nix build $OUTPUTS --accept-flake-config
- name: Upload Cache
if: github.event_name != 'pull_request'
run: |
attic push public result*