Update ci.yml #8
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI" | |
| on: | |
| pull_request: | |
| branches: [master] | |
| push: | |
| branches: [master] | |
| schedule: | |
| - cron: "0 */6 * * *" | |
| concurrency: | |
| # Use github.run_id on main branch | |
| # Use github.event.pull_request.number on pull requests, so it's unique per pull request | |
| # Use github.ref on other branches, so it's unique per branch | |
| group: ${{ github.workflow }}-${{ github.ref == 'refs/heads/main' && github.run_id || github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| id-token: write | |
| jobs: | |
| auto-pull-request: | |
| if: "${{ github.event_name == 'schedule' }}" | |
| runs-on: [ ubuntu-latest ] | |
| steps: | |
| - name: Check if PR exists | |
| id: check | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| [ ! -d .git ] && gh repo clone "$GITHUB_REPOSITORY" my_repo && cd my_repo | |
| prs=$(gh pr list \ | |
| --repo "$GITHUB_REPOSITORY" \ | |
| --head 'nixos-unstable' \ | |
| --base 'master' \ | |
| --json title \ | |
| --jq 'length') | |
| count_commit=$(git rev-list --left-right --count nixos-unstable...master | awk '{print $1}') | |
| if (( prs > 0 )) || (( count_commit < 1 )); then | |
| echo "skip=true" >> "$GITHUB_OUTPUT" | |
| fi | |
| - name: Create pull request | |
| if: '!steps.check.outputs.skip' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| git checkout nixos-unstable | |
| gh pr create --title "Merge from nixos-unstable" --body "" | |
| megasync: | |
| if: "${{ github.event_name == 'pull_request' }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| extra-conf: "experimental-features = nix-command flakes pipe-operators" | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| with: | |
| use-flakehub: false | |
| - uses: cachix/cachix-action@master | |
| with: | |
| name: fmcachix | |
| # If you chose API tokens for write access OR if you have a private cache | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build .#megasync --verbose | |
| - run: nix-collect-garbage -d | |
| wasmer: | |
| if: "${{ github.event_name == 'pull_request' }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| extra-conf: "experimental-features = nix-command flakes pipe-operators" | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| with: | |
| use-flakehub: false | |
| - uses: cachix/cachix-action@master | |
| with: | |
| name: fmcachix | |
| # If you chose API tokens for write access OR if you have a private cache | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build .#wasmer --verbose | |
| - run: nix-collect-garbage -d | |
| cli: | |
| if: "${{ github.event_name == 'pull_request' }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| extra-conf: "experimental-features = nix-command flakes pipe-operators" | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| with: | |
| use-flakehub: false | |
| - uses: cachix/cachix-action@master | |
| with: | |
| name: fmcachix | |
| # If you chose API tokens for write access OR if you have a private cache | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build .#nix-init --verbose | |
| git: | |
| if: "${{ github.event_name == 'pull_request' }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| extra-conf: | | |
| experimental-features = nix-command flakes pipe-operators repl-flake auto-allocate-uids configurable-impure-env | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| with: | |
| use-flakehub: false | |
| - uses: cachix/cachix-action@master | |
| with: | |
| name: fmcachix | |
| # If you chose API tokens for write access OR if you have a private cache | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - run: nix build .#custom.git --verbose | |
| - run: nix-collect-garbage -d | |
| nixos: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'pull_request' }} | |
| needs: | |
| - cli | |
| - wasmer | |
| - git | |
| - megasync | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: DeterminateSystems/nix-installer-action@main | |
| with: | |
| github-token: ${{ secrets.GH_TOKEN }} | |
| extra-conf: | | |
| experimental-features = nix-command flakes pipe-operators auto-allocate-uids configurable-impure-env | |
| substituters = https://cache.nixos.org/ https://chaotic-nyx.cachix.org https://devenv.cachix.org https://fmcachix.cachix.org https://microvm.cachix.org https://nix-community.cachix.org https://nocargo.cachix.org https://om.cachix.org https://snowflakeos.cachix.org https://tweag-jupyter.cachix.org https://nix-community.cachix.org/ https://chaotic-nyx.cachix.org/ https://cache.nixos.org/ | |
| trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= fmcachix.cachix.org-1:Z5j9jk83ctoCK22EWrbQL6AAP3CTYnZ/PHljlYSakrw= microvm.cachix.org-1:oXnBc6hRE3eX5rSYdRyMYXnfzcCxC7yKPTbZXALsqys= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= nocargo.cachix.org-1:W6jkp5htZBA1tUdU8XHLaD7zBrIFnor0MsLhHgrJeHk= om.cachix.org-1:ifal/RLZJKN4sbpScyPGqJ2+appCslzu7ZZF/C01f2Q= snowflakeos.cachix.org-1:gXb32BL86r9bw1kBiw9AJuIkqN49xBvPd1ZW8YlqO70= tweag-jupyter.cachix.org-1:UtNH4Zs6hVUFpFBTLaA4ejYavPo5EFFqgd7G7FxGW9g= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8= | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| with: | |
| use-flakehub: false | |
| - name: Build | |
| run: nix build .#nixosConfigurations.minimal.config.system.build.toplevel --verbose | |
| - name: Info | |
| run: nix path-info -Sh ./result | |
| - run: nix-collect-garbage -d | |
| auto-merge: | |
| needs: | |
| - cli | |
| - wasmer | |
| - git | |
| - megasync | |
| - nixos | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name == 'pull_request'}} | |
| steps: | |
| - name: Enable auto-merge | |
| run: gh pr merge --auto --merge "$PR_URL" | |
| env: | |
| PR_URL: ${{github.event.pull_request.html_url}} | |
| GITHUB_TOKEN: ${{secrets.GH_TOKEN}} |