add build workflow
This commit is contained in:
parent
eedd589f89
commit
f3ebb0a1d3
2 changed files with 92 additions and 8 deletions
91
.github/workflows/build.yml
vendored
Normal file
91
.github/workflows/build.yml
vendored
Normal file
|
@ -0,0 +1,91 @@
|
|||
name: build
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
pull_request:
|
||||
branches:
|
||||
- main
|
||||
jobs:
|
||||
build:
|
||||
strategy:
|
||||
matrix:
|
||||
package:
|
||||
- akkoma
|
||||
- pleroma-fe
|
||||
- admin-fe
|
||||
- emoji-lotte
|
||||
- emoji-volpeon-blobfox
|
||||
- emoji-volpeon-blobfox-flip
|
||||
- emoji-volpeon-bunhd
|
||||
- emoji-volpeon-bunhd-flip
|
||||
- emoji-volpeon-drgn
|
||||
- emoji-volpeon-fox
|
||||
- emoji-volpeon-raccoon
|
||||
- emoji-volpeon-vlpn
|
||||
- lotte-art
|
||||
- drone-runner-docker
|
||||
- alco-sans
|
||||
- constructium
|
||||
- fairfax
|
||||
- fairfax-hd
|
||||
- kreative-square
|
||||
- nasin-nanpa
|
||||
- matrix-media-repo
|
||||
- mautrix-discord
|
||||
- mautrix-whatsapp
|
||||
- mautrix-signal
|
||||
- mautrix-telegram
|
||||
- python-mautrix
|
||||
- python-tulir-telethon
|
||||
- papermc
|
||||
- python-plover-stroke
|
||||
- python-rtf-tokenize
|
||||
- plover
|
||||
- plover-plugins-manager
|
||||
- python-simplefuzzyset
|
||||
- plover-plugin-emoji
|
||||
- plover-plugin-tapey-tape
|
||||
- plover-plugin-yaml-dictionary
|
||||
- plover-plugin-machine-hid
|
||||
- plover-plugin-rkb1-hid
|
||||
- plover-dict-didoesdigital
|
||||
- miifox-net
|
||||
- old-homeage
|
||||
- clean-s3-cache
|
||||
- python-instagram
|
||||
- moa
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v3
|
||||
- name: Install Nix
|
||||
uses: cachix/install-nix-action@v18
|
||||
with:
|
||||
nix_path: nixpkgs=channel:nixos-unstable
|
||||
extra_nix_config: |
|
||||
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
||||
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=
|
||||
experimental-features = nix-command flakes ca-derivations
|
||||
post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
|
||||
substituters = https://f000.backblazeb2.com/file/cache-chir-rs/ https://cache.nixos.org/
|
||||
- name: Set up secrets
|
||||
run: |
|
||||
echo "$NIX_CACHE_KEY" > ~/cache.key
|
||||
sudo mkdir /root/.aws
|
||||
echo "$AWS_CREDENTIALS" | sudo tee /root/.aws/credentials > /dev/null
|
||||
env:
|
||||
NIX_CACHE_KEY: ${{secrets.NIX_CACHE_KEY}}
|
||||
AWS_CREDENTIALS: ${{secrets.AWS_CREDENTIALS}}
|
||||
- name: Build ${{ matrix.package }}
|
||||
run: |
|
||||
DRV_PATH=$(nix-instantiate -E '(import ./. {}).${{ matrix.package }}')
|
||||
# check if we already built it
|
||||
NARINFO=$(echo $DRV_PATH | | sed 's|/| |g' | sed 's|-| |g' | awk '{print $3}')
|
||||
if curl --output /dev/null --silent --head --fail "https://f000.backblazeb2.com/file/cache-chir-rs/$NARINFO.narinfo"; then
|
||||
echo "${{ matrix.package }} already built. Skipping"
|
||||
else
|
||||
nix-store -r $DRV_PATH
|
||||
fi
|
||||
env:
|
||||
NIXPKGS_ALLOW_UNFREE: 1
|
9
.github/workflows/update.yml
vendored
9
.github/workflows/update.yml
vendored
|
@ -19,14 +19,6 @@ jobs:
|
|||
experimental-features = nix-command flakes ca-derivations
|
||||
post-build-hook = ${{ github.workspace }}/scripts/post-build-hook
|
||||
substituters = https://f000.backblazeb2.com/file/cache-chir-rs/ https://cache.nixos.org/
|
||||
- name: Set up post-build host
|
||||
run: |
|
||||
echo "#!/bin/sh" > scripts/post-build-hook
|
||||
echo "set -euf" >> scripts/post-build-hook
|
||||
echo "export IFS=' '" >> scripts/post-build-hook
|
||||
echo "$(which nix) store sign --key-file $HOME/cache.key \$DRV_PATH" >> scripts/post-build-hook
|
||||
echo "$(which nix) copy --to 's3://cache-chir-rs?scheme=https&endpoint=s3.us-west-000.backblazeb2.com&secret-key=$HOME/cache.key&multipart-upload=true&compression=zstd&compression-level=15' \$DRV_PATH" >> scripts/post-build-hook
|
||||
chmod +x scripts/post-build-hook
|
||||
- name: Set up secrets
|
||||
run: |
|
||||
echo "$NIX_CACHE_KEY" > ~/cache.key
|
||||
|
@ -49,6 +41,7 @@ jobs:
|
|||
with:
|
||||
token: ${{secrets.GH_TOKEN}}
|
||||
commit-message: Update nix-packages
|
||||
author: Github Actions <github-actions@users.noreply.github.com>
|
||||
committer: Github Actions <github-actions@users.noreply.github.com>
|
||||
title: Automated updates for nix-packages
|
||||
body: Automated updates
|
||||
|
|
Reference in a new issue