nixos/nix
1
1
Fork 0
mirror of https://github.com/NixOS/nix.git synced 2025-12-05 16:41:01 +01:00
Code Activity
nix/.github/workflows/ci.yml
Graham Christensen 15871addd5
Merge pull request #145 from DeterminateSystems/push-lxmxkysvvluw 
Try publishing the manual again
2025-07-12 00:34:31 +00:00

146 lines
4.2 KiB
YAML
Raw Blame History

name: "CI"
on:
pull_request:
push:
branches:
# NOTE: make sure any branches here are also valid directory names,
# otherwise creating the directory and uploading to s3 will fail
- detsys-main
- main
- master
merge_group:
release:
types:
- published
permissions:
id-token: "write"
contents: "read"
pull-requests: "write"
statuses: "write"
deployments: "write"
jobs:
eval:
runs-on: UbuntuLatest32Cores128G
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: DeterminateSystems/determinate-nix-action@main
- run: nix flake show --all-systems --json
build_x86_64-linux:
uses: ./.github/workflows/build.yml
with:
system: x86_64-linux
runner: namespace-profile-linuxamd32c64g-cache
runner_for_virt: UbuntuLatest32Cores128G
runner_small: ubuntu-latest
run_tests: true
run_vm_tests: true
run_regression_tests: true
publish_manual: true
secrets:
manual_netlify_auth_token: ${{ secrets.NETLIFY_AUTH_TOKEN }}
manual_netlify_site_id: ${{ secrets.NETLIFY_SITE_ID }}
build_aarch64-linux:
uses: ./.github/workflows/build.yml
with:
if: ${{ github.event_name != 'pull_request' }}
system: aarch64-linux
runner: UbuntuLatest32Cores128GArm
runner_for_virt: UbuntuLatest32Cores128GArm
runner_small: UbuntuLatest32Cores128GArm
build_x86_64-darwin:
uses: ./.github/workflows/build.yml
with:
if: ${{ github.event_name != 'pull_request' }}
system: x86_64-darwin
runner: macos-latest-large
runner_for_virt: macos-latest-large
runner_small: macos-latest-large
run_tests: false
build_aarch64-darwin:
uses: ./.github/workflows/build.yml
with:
system: aarch64-darwin
runner: namespace-profile-mac-m2-12c28g
runner_for_virt: namespace-profile-mac-m2-12c28g
runner_small: macos-latest-xlarge
success:
runs-on: ubuntu-latest
needs:
- eval
- build_x86_64-linux
- build_aarch64-linux
- build_x86_64-darwin
- build_aarch64-darwin
if: ${{ always() }}
steps:
- run: "true"
- run: |
echo "A dependent in the build matrix failed:"
echo "$needs"
exit 1
env:
needs: ${{ toJSON(needs) }}
if: |
contains(needs.*.result, 'failure') ||
contains(needs.*.result, 'cancelled')
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@main
- name: Create artifacts directory
run: mkdir -p ./artifacts
- name: Fetch artifacts
uses: actions/download-artifact@v4
with:
path: downloaded
- name: Move downloaded artifacts to artifacts directory
run: |
for dir in ./downloaded/*; do
arch="$(basename "$dir")"
mv "$dir"/*.xz ./artifacts/"${arch}"
done
- name: Build fallback-paths.nix
if: ${{ github.event_name != 'pull_request' }}
run: |
nix build .#fallbackPathsNix --out-link fallback
cat fallback > ./artifacts/fallback-paths.nix
- uses: DeterminateSystems/push-artifact-ids@main
with:
s3_upload_role: ${{ secrets.AWS_S3_UPLOAD_ROLE_ARN }}
bucket: ${{ secrets.AWS_S3_UPLOAD_BUCKET_NAME }}
directory: ./artifacts
ids_project_name: determinate-nix
ids_binary_prefix: determinate-nix
skip_acl: true
allowed_branches: '["detsys-main"]'
publish:
needs:
- success
if: (!github.repository.fork && (github.ref == format('refs/heads/{0}', github.event.repository.default_branch) || startsWith(github.ref, 'refs/tags/')))
environment: ${{ github.event_name == 'release' && 'production' || '' }}
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@main
- uses: DeterminateSystems/flakehub-push@main
with:
rolling: ${{ github.ref == format('refs/heads/{0}', github.event.repository.default_branch) }}
visibility: "public"
tag: "${{ github.ref_name }}"
View git blame Copy permalink