-
-
Notifications
You must be signed in to change notification settings - Fork 0
68 lines (52 loc) · 1.59 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: nix ci
on:
push:
jobs:
eval:
name: eval flake
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.eval.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@v9
- name: evaluate packages
id: eval
run: echo "matrix=$(nix eval --json .#ghaMatrix)" >> "$GITHUB_OUTPUT"
build:
needs: eval
strategy:
matrix: ${{ fromJson(needs.eval.outputs.matrix) }}
name: build ${{ matrix.pkg }}
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@v9
- name: setup attic
uses: ryanccn/attic-action@v0
with:
endpoint: https://attic.uku3lig.net
cache: uku
token: ${{ secrets.ATTIC_TOKEN }}
- name: build
run: nix build -L --accept-flake-config .#${{ matrix.pkg }}
deploy:
needs: build
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/somebranchnamethatwillneverexistcolonthree'
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@v9
- name: connect to tailscale
uses: tailscale/github-action@v2
with:
oauth-client-id: ${{ secrets.TS_CLIENT_ID }}
oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
tags: tag:gha
- name: copy known_hosts
run: |
set -eux
[ ! -d ~/.ssh ] && mkdir -p ~/.ssh
cp .known_hosts ~/.ssh/known_hosts
- name: deploy
run: nix run --inputs-from . 'nixpkgs#deploy-rs' -- -s