feat(CI): use nix to build images #59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CD | |
| on: | |
| pull_request: | |
| push: | |
| branches: [main, beta] | |
| workflow_dispatch: | |
| jobs: | |
| test: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || github.ref }} | |
| - uses: DeterminateSystems/nix-installer-action@v9 | |
| - uses: DeterminateSystems/magic-nix-cache-action@v2 | |
| - run: nix flake check --impure --accept-flake-config | |
| - run: nix build . --accept-flake-config | |
| release: | |
| runs-on: ubuntu-latest | |
| needs: test | |
| if: ${{ github.repository_owner == 'sciexp' && github.event_name == 'push' }} | |
| environment: | |
| name: release | |
| url: https://github.com/sciexp/flytezen/releases/tag/${{ steps.semanticrelease.outputs.git-tag }} | |
| permissions: | |
| contents: write | |
| outputs: | |
| version: ${{ steps.semanticrelease.outputs.version }} | |
| released: ${{ steps.semanticrelease.outputs.released }} | |
| git-head: ${{ steps.semanticrelease.outputs.git-head }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.ref || github.ref }} | |
| - uses: DeterminateSystems/nix-installer-action@v9 | |
| - uses: DeterminateSystems/magic-nix-cache-action@v2 | |
| - run: nix profile install .#releaseEnv | |
| - uses: cihelper/action-semanticrelease-poetry@v1 | |
| id: semanticrelease | |
| - uses: actions/upload-artifact@v3 | |
| if: ${{ steps.semanticrelease.outputs.released == 'true' }} | |
| with: | |
| name: poetry-build | |
| path: ./dist | |
| build-images: | |
| runs-on: ubuntu-latest | |
| needs: release | |
| if: ${{ needs.release.outputs.released == 'true' }} | |
| permissions: | |
| contents: read | |
| packages: write | |
| environment: | |
| name: release | |
| url: https://ghcr.io/sciexp/flytezendev | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ needs.release.outputs.git-head }} | |
| - uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: arm64 | |
| - uses: DeterminateSystems/nix-installer-action@v9 | |
| with: | |
| extra-conf: | | |
| extra-platforms = aarch64-linux | |
| - uses: DeterminateSystems/magic-nix-cache-action@v2 | |
| - uses: rlespinasse/github-slug-action@v4 | |
| with: | |
| prefix: CI_ | |
| - run: nix run .#devcontainerManifest --impure --accept-flake-config | |
| env: | |
| VERSION: ${{ needs.release.outputs.version }} | |
| GH_TOKEN: ${{ github.token }} | |
| # publish-pypi: | |
| # runs-on: ubuntu-latest | |
| # needs: release | |
| # if: ${{ needs.release.outputs.released == 'true' }} | |
| # permissions: | |
| # id-token: write | |
| # environment: | |
| # name: release | |
| # url: https://pypi.org/project/flytezen/${{needs.release.outputs.version}}/ | |
| # steps: | |
| # - uses: actions/download-artifact@v3 | |
| # with: | |
| # name: poetry-build | |
| # path: ./dist | |
| # - uses: pypa/gh-action-pypi-publish@release/v1 |