Skip to content
Build Frieren

feat ✨: s3cache #30

Sign in to view logs

feat ✨: s3cache

feat ✨: s3cache #30

Workflow file for this run

.github/workflows/build-frieren.yaml at 4d7f9e3
name: Build Frieren
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- name: Checkout code
uses: actions/checkout@v3
- name: Get Nixpkgs revision for nixfmt
run: |
# This should not be a URL, because it would allow PRs to run arbitrary code in CI!
url=$(jq -r .pins.nixpkgs.url npins/sources.json)
echo "url=$url" >> "$GITHUB_ENV"
- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
with:
nix_path: nixpkgs=${{ env.url }}
- name: Create /etc/nixos and copy hardware config
run: |
sudo mkdir -p /etc/nixos
sudo sh -c 'cat > /etc/nixos/hardware-configuration.nix <<EOF
{
fileSystems."/" = {
device = "/dev/disk/by-uuid/dummy";
fsType = "ext4";
};
}
EOF'
- name: Auth to s3 cache
run: |
aws --profile default configure set aws_access_key_id "${{ secrets.AWS_ACCESS_KEY_ID }}"
aws --profile default configure set aws_secret_access_key_id "${{ secrets.AWS_SECRET_ACCESS_KEY_ID }}"
- name: Build and Push
run: |
echo '${{ secrets.CACHE_PRIVATE_KEY }}' > cache-priv.pem
build=$(nix-build '<nixpkgs/nixos>' -A config.system.build.toplevel -I nixos-config=profiles/frieren/configuration.nix)
nix sign -k cache-priv.pem $build
nix copy --to 's3://nix-cache?profile=default&scheme=https&endpoint=s3.didactiklabs.io' $build