CI #153
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "CI" | |
| on: | |
| pull_request: | |
| push: | |
| branches: | |
| - "main" | |
| schedule: | |
| - cron: '20 2 * * *' | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| test-javascript: | |
| name: "JavaScript Tests" | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-latest" | |
| - "macos-latest" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4" | |
| - name: "Install Nix" | |
| uses: "cachix/install-nix-action@v27" | |
| - name: "Cache Dependencies" | |
| id: cache | |
| uses: "actions/cache@8070854e57d983bdd2887b0a708ad985f77398ab" | |
| env: | |
| GITHUB_ACTIONS_RUNNER_FORCED_NODE_VERSION: node20 | |
| with: | |
| key: npm-${{ matrix.os }}-${{ hashFiles('package-lock.json') }} | |
| path: ./node_modules | |
| restore-keys: | | |
| npm-feature-${{ matrix.os }}-${{ hashFiles('package-lock.json') }} | |
| npm-feature-${{ matrix.os }}- | |
| npm-feature- | |
| npm- | |
| - name: "Install Dependencies" | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| run: nix develop --accept-flake-config --command npm ci | |
| - name: "Check Format" | |
| run: nix develop --accept-flake-config --command npm run format:check | |
| - name: "Test" | |
| run: nix develop --accept-flake-config --command npm run ci-test | |
| test-minimal-action: | |
| name: "Minimal - Github Action Test" | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-latest" | |
| - "macos-latest" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4" | |
| - name: "Install Nix" | |
| uses: "cachix/install-nix-action@v27" | |
| - name: "Test Local Action" | |
| uses: "./" | |
| with: | |
| github-access-token: "${{ secrets.MANAGED_MANAGED_FLOXBOT_GITHUB_ACCESS_TOKEN_REPO_SCOPE }}" | |
| - name: "Test: nix --version" | |
| run: | | |
| nix --version | |
| test-all-action: | |
| name: "All - Github Action Test" | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-latest" | |
| - "macos-latest" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4" | |
| - name: "Setup Tailscale" | |
| if: ${{ runner.os == 'Linux' }} | |
| uses: "tailscale/github-action@v2" | |
| with: | |
| args: "--timeout 30s --login-server ${{ vars.MANAGED_TAILSCALE_URL }}" | |
| tags: tag:ci | |
| authkey: "${{ secrets.MANAGED_TAILSCALE_AUTH_KEY }}" | |
| - name: "Install Nix" | |
| uses: "cachix/install-nix-action@v27" | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable | |
| - name: "Test Local Action" | |
| uses: "./" | |
| with: | |
| github-access-token: "${{ secrets.MANAGED_FLOXBOT_GITHUB_ACCESS_TOKEN_REPO_SCOPE }}" | |
| substituter: "${{ vars.MANAGED_CACHE_PUBLIC_S3_BUCKET }}" | |
| substituter-key: "${{ secrets.MANAGED_CACHE_PUBLIC_SECRET_KEY }}" | |
| aws-access-key-id: "${{ secrets.MANAGED_CACHE_PUBLIC_AWS_ACCESS_KEY_ID }}" | |
| aws-secret-access-key: "${{ secrets.MANAGED_CACHE_PUBLIC_AWS_SECRET_ACCESS_KEY }}" | |
| ssh-key: "${{ secrets.MANAGED_FLOXBOT_SSH_KEY }}" | |
| remote-builders: "${{ runner.os == 'Linux' && vars.MANAGED_REMOTE_BUILDERS || '' }}" | |
| - name: "Test Remote Builders" | |
| if: ${{ runner.os == 'Linux' }} # tailscale Action does not work on MacOS | |
| run: | | |
| export NIX_PATH="nixpkgs=flake:nixpkgs" | |
| export NIX_CONFIG="experimental-features = nix-command flakes" | |
| RAND=$RANDOM | |
| nix build --accept-flake-config -vv -L --impure --expr '(with import <nixpkgs> { system = "x86_64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -vv -L --impure --expr '(with import <nixpkgs> { system = "aarch64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -vv -L --impure --expr '(with import <nixpkgs> { system = "x86_64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -vv -L --impure --expr '(with import <nixpkgs> { system = "aarch64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| cd example | |
| nix build --accept-flake-config --no-write-lock-file | |
| test-nix-action: | |
| name: "Nix - test integration with Nix" | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: | |
| - "ubuntu-latest" | |
| - "macos-latest" | |
| steps: | |
| - name: "Checkout" | |
| uses: "actions/checkout@v4" | |
| - name: "Setup Tailscale" | |
| if: ${{ runner.os == 'Linux' }} | |
| uses: "tailscale/github-action@v2" | |
| with: | |
| args: "--timeout 30s --login-server ${{ vars.MANAGED_TAILSCALE_URL }}" | |
| tags: tag:ci | |
| authkey: "${{ secrets.MANAGED_TAILSCALE_AUTH_KEY }}" | |
| - name: "Install Nix" | |
| uses: "cachix/install-nix-action@v27" | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable | |
| - name: "Test Local Action" | |
| uses: "./" | |
| with: | |
| github-access-token: "${{ secrets.MANAGED_FLOXBOT_GITHUB_ACCESS_TOKEN_REPO_SCOPE }}" | |
| substituter: "${{ vars.MANAGED_CACHE_PUBLIC_S3_BUCKET }}" | |
| substituter-key: "${{ secrets.MANAGED_CACHE_PUBLIC_SECRET_KEY }}" | |
| aws-access-key-id: "${{ secrets.MANAGED_CACHE_PUBLIC_AWS_ACCESS_KEY_ID }}" | |
| aws-secret-access-key: "${{ secrets.MANAGED_CACHE_PUBLIC_AWS_SECRET_ACCESS_KEY }}" | |
| ssh-key: "${{ secrets.MANAGED_FLOXBOT_SSH_KEY }}" | |
| remote-builders: "${{ runner.os == 'Linux' && vars.MANAGED_REMOTE_BUILDERS || '' }}" | |
| - name: "Test Remote Builders" | |
| if: ${{ runner.os == 'Linux' }} | |
| run: | | |
| export NIX_CONFIG="experimental-features = nix-command flakes" | |
| RAND=$RANDOM | |
| nix build --accept-flake-config -L --impure --expr '(with import <nixpkgs> { system = "x86_64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -L --impure --expr '(with import <nixpkgs> { system = "aarch64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -L --impure --expr '(with import <nixpkgs> { system = "x86_64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| nix build --accept-flake-config -L --impure --expr '(with import <nixpkgs> { system = "aarch64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' | |
| cd example | |
| nix build --accept-flake-config --no-write-lock-file | |
| report-failure: | |
| name: "Report Failure" | |
| runs-on: "ubuntu-latest" | |
| if: ${{ failure() && github.ref == 'refs/heads/main' && (github.event_name == 'push' || github.event_name == 'schedule') }} | |
| needs: | |
| - "test-javascript" | |
| - "test-minimal-action" | |
| - "test-all-action" | |
| - "test-nix-action" | |
| steps: | |
| - name: "Slack Notification" | |
| uses: "rtCamp/action-slack-notify@v2" | |
| env: | |
| SLACK_TITLE: "Something broke CI for flox/configure-nix-action on main" | |
| SLACK_FOOTER: "Thank you for caring" | |
| SLACK_WEBHOOK: "${{ secrets.MANAGED_SLACK_WEBHOOK }}" | |
| SLACK_USERNAME: "GitHub" | |
| SLACK_ICON_EMOJI: ":poop:" | |
| SLACK_COLOR: "#ff2800" # ferrari red -> https://encycolorpedia.com/ff2800 | |
| SLACK_LINK_NAMES: true |