Upload things to attic

This commit is contained in:
Charlotte 🦝 Delenk 2023-01-16 13:05:54 +01:00
parent ec74ed28a0
commit 2ca9d7704b
Signed by: darkkirb
GPG key ID: AB2BD8DAF2E37122
2 changed files with 9 additions and 4 deletions

View file

@ -68,20 +68,24 @@ jobs:
nix_path: nixpkgs=channel:nixos-unstable nix_path: nixpkgs=channel:nixos-unstable
extra_nix_config: | extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= cache:6tx18bfuH66LOfrn37EmN2YxwNZI3qNk3lKHoz/XlXI=
experimental-features = nix-command flakes ca-derivations experimental-features = nix-command flakes ca-derivations
post-build-hook = ${{ github.workspace }}/scripts/post-build-hook post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
substituters = https://cache.chir.rs/ https://cache.nixos.org/ substituters = https://cache.chir.rs/ https://cache.nixos.org/ https://attic.chir.rs/cache
- name: Download patched nix - name: Download patched nix
run: nix build github:DarkKirb/nix-packages#nix-s3-dedup run: nix build github:DarkKirb/nix-packages#nix-s3-dedup
- name: Download attic
run: nix build github:DarkKirb/nix-packages#attic-client
- name: Set up secrets - name: Set up secrets
run: | run: |
echo "$NIX_CACHE_KEY" > ~/cache.key echo "$NIX_CACHE_KEY" > ~/cache.key
sudo mkdir /root/.aws sudo mkdir /root/.aws
echo "$AWS_CREDENTIALS" | sudo tee /root/.aws/credentials > /dev/null echo "$AWS_CREDENTIALS" | sudo tee /root/.aws/credentials > /dev/null
nix run github:DarkKirb/nix-packages#attic-client -- login attic-server https://attic.chir.rs/ "$ATTIC_TOKEN"
env: env:
NIX_CACHE_KEY: ${{secrets.NIX_CACHE_KEY}} NIX_CACHE_KEY: ${{secrets.NIX_CACHE_KEY}}
AWS_CREDENTIALS: ${{secrets.AWS_CREDENTIALS}} AWS_CREDENTIALS: ${{secrets.AWS_CREDENTIALS}}
ATTIC_TOKEN: ${{secrets.ATTIC_TOKEN}}
- name: install jq - name: install jq
run: sudo apt install jq run: sudo apt install jq
- name: Build ${{ matrix.package }} - name: Build ${{ matrix.package }}
@ -93,7 +97,7 @@ jobs:
if curl --output /dev/null --silent --fail "https://cache.chir.rs/$NARINFO.narinfo"; then if curl --output /dev/null --silent --fail "https://cache.chir.rs/$NARINFO.narinfo"; then
echo "${{ matrix.package }} already built. Skipping" echo "${{ matrix.package }} already built. Skipping"
else else
nix-store -r $DRV_PATH sudo /nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#attic-client' -- push cache $(nix-store -r $DRV_PATH)
fi fi
env: env:
NIXPKGS_ALLOW_UNFREE: 1 NIXPKGS_ALLOW_UNFREE: 1

View file

@ -2,4 +2,5 @@
set -euf set -euf
export IFS=' ' export IFS=' '
/nix/var/nix/profiles/default/bin/nix store sign --key-file /home/runner/cache.key $DRV_PATH /nix/var/nix/profiles/default/bin/nix store sign --key-file /home/runner/cache.key $DRV_PATH
/nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#nix-s3-dedup' -- copy --to 's3://cache-chir-rs?scheme=https&endpoint=s3.us-west-000.backblazeb2.com&secret-key=/home/runner/cache.key&multipart-upload=true&compression=zstd&compression-level=15' $DRV_PATH /nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#nix-s3-dedup' -- copy --to 's3://cache-chir-rs?scheme=https&endpoint=s3.us-west-000.backblazeb2.com&secret-key=/home/runner/cache.key&multipart-upload=true&compression=zstd&compression-level=15' $DRV_PATH
/nix/var/nix/profiles/default/bin/nix run 'github:DarkKirb/nix-packages#attic-client' -- push cache $OUT_PATHS