Skip to content

chore: stylix npins update #402

chore: stylix npins update

chore: stylix npins update #402

name: Build nishinoya
on:
push:
branches:
- main
pull_request:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
pre_job:
# continue-on-error: true # Uncomment once integration is finished
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
should_skip: ${{ steps.skip_check.outputs.should_skip }}
steps:
- id: skip_check
uses: fkirc/skip-duplicate-actions@master
with:
# All of these options are optional, so you can remove them if you are happy with the defaults
concurrent_skipping: 'never'
skip_after_successful_duplicate: 'true'
paths_ignore: '["**/README.md", "**/docs/**"]'
do_not_skip: '["pull_request", "workflow_dispatch", "schedule"]'
build:
needs: pre_job
if: ${{ needs.pre_job.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: false
large-packages: false
docker-images: false
swap-storage: true
- name: Checkout code
uses: actions/checkout@v3
- name: Get Nixpkgs revision for nixfmt
run: |
# This should not be a URL, because it would allow PRs to run arbitrary code in CI!
url=$(jq -r .pins.nixpkgs.url npins/sources.json)
echo "url=$url" >> "$GITHUB_ENV"
- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
with:
nix_path: nixpkgs=${{ env.url }}
extra_nix_config: |
fallback = true
trusted-public-keys = didactiklabs-nixcache:PxLKN0+ZkP07M8g8/B6xbP6A4MYpqQg6LH7V3muiy/0= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://s3.didactiklabs.io/nix-cache https://cache.nixos.org/
- name: Create /etc/nixos and copy hardware config
run: |
sudo mkdir -p /etc/nixos
sudo sh -c 'cat > /etc/nixos/hardware-configuration.nix <<EOF
{
fileSystems."/" = {
device = "/dev/disk/by-uuid/dummy";
fsType = "ext4";
};
}
EOF'
- name: Auth to s3 cache
run: |
aws --profile default configure set aws_access_key_id "${{ secrets.AWS_ACCESS_KEY_ID }}"
aws --profile default configure set aws_secret_access_key "${{ secrets.AWS_SECRET_ACCESS_KEY_ID }}"
- name: Build and Push
run: |
echo '${{ secrets.CACHE_PRIVATE_KEY }}' > cache-priv.pem
build=$(nix-build '<nixpkgs/nixos>' -A config.system.build.toplevel -I nixos-config=profiles/nishinoya/configuration.nix)
nix store sign -r -k cache-priv.pem $build
nix copy --to 's3://nix-cache?profile=default&scheme=https&endpoint=s3.didactiklabs.io' $build