move NixOS VM tests to checks output
#705
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| push: { branches: [ 'main' ] } | |
| pull_request: | |
| workflow_dispatch: | |
| jobs: | |
| eval: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - { uses: 'actions/checkout@v4', name: 'Checkout' } | |
| - uses: 'DeterminateSystems/nix-installer-action@main' | |
| name: 'Install Nix' | |
| with: { extra-conf: 'experimental-features = no-url-literals' } | |
| - run: nix ${{ runner.debug && '--debug' }} flake check --impure --no-build --show-trace | |
| env: { NIX_ABORT_ON_WARN: true } | |
| matrix: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| matrix: ${{ steps.matrix.outputs.matrix }} | |
| steps: | |
| - { uses: 'actions/checkout@v4', name: 'Checkout' } | |
| - uses: 'DeterminateSystems/nix-installer-action@main' | |
| name: 'Install Nix' | |
| with: { extra-conf: 'experimental-features = no-url-literals' } | |
| - run: nix registry list | |
| - id: trusted | |
| name: Set up Cachix to use trusted cache | |
| uses: cachix/cachix-action@v14 | |
| if: (github.event_name != 'pull_request' || !github.event.pull_request.head.repo.fork) | |
| with: | |
| name: ngi | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| - id: env | |
| name: Decode Cachix authentication token | |
| run: echo "CACHIX_AUTH_TOKEN=$(tr 'A-Za-z' 'N-ZA-Mn-za-m' < .github/workflows/cachix)" >> "$GITHUB_ENV" | |
| if: steps.trusted.outcome == 'skipped' | |
| - name: Set up Cachix to use untrusted cache for PRs from forks | |
| uses: cachix/cachix-action@v14 | |
| if: steps.env.outcome == 'success' | |
| with: | |
| name: ngi-untrusted | |
| extraPullNames: ngi | |
| authToken: ${{ env.CACHIX_AUTH_TOKEN }} | |
| - id: matrix | |
| name: 'Evaluate matrix' | |
| run: | | |
| ATTR='.#checks."x86_64-linux"' | |
| ( | |
| echo -n "matrix=" | |
| nix run github:nix-community/nix-eval-jobs/v2.19.4 -- \ | |
| --check-cache-status --gc-roots-dir "$(pwd)/gcroot" --force-recurse --workers "$(nproc)" --flake "$ATTR" \ | |
| | tee eval.jsonl \ | |
| | nix run .#build-matrix -- "$ATTR" \ | |
| | tee matrix.json | |
| ) >> "$GITHUB_OUTPUT" | |
| - uses: 'actions/upload-artifact@v4' | |
| name: 'Upload artifact containing evaluation results and job matrix' | |
| with: | |
| name: matrix | |
| path: | | |
| eval.jsonl | |
| matrix.json | |
| build: | |
| needs: matrix | |
| runs-on: ${{ matrix.platform }} | |
| name: build ${{ join(matrix.names, ', ') }} | |
| strategy: { matrix: '${{fromJSON(needs.matrix.outputs.matrix)}}' } | |
| steps: | |
| - { uses: 'actions/checkout@v4', name: 'Checkout' } | |
| - uses: 'DeterminateSystems/nix-installer-action@main' | |
| name: 'Install Nix' | |
| with: { extra-conf: 'experimental-features = no-url-literals' } | |
| - id: trusted | |
| name: Set up Cachix to use trusted cache | |
| uses: cachix/cachix-action@v14 | |
| if: (github.event_name != 'pull_request' || !github.event.pull_request.head.repo.fork) | |
| with: | |
| name: ngi | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| - id: env | |
| name: Decode Cachix authentication token | |
| run: echo "CACHIX_AUTH_TOKEN=$(tr 'A-Za-z' 'N-ZA-Mn-za-m' < .github/workflows/cachix)" >> "$GITHUB_ENV" | |
| if: steps.trusted.outcome == 'skipped' | |
| - name: Set up Cachix to use untrusted cache for PRs from forks | |
| uses: cachix/cachix-action@v14 | |
| if: steps.env.outcome == 'success' | |
| with: | |
| name: ngi-untrusted | |
| extraPullNames: ngi | |
| authToken: ${{ env.CACHIX_AUTH_TOKEN }} | |
| - run: nix ${{ runner.debug && '--debug' }} build --print-build-logs ${{ join(matrix.attributes, ' ') }} |