Skip to content

update build.sh

update build.sh #21

Workflow file for this run

name: build images
on:
schedule:
- cron: "0 2 * * *"
workflow_dispatch: {}
push: {}
jobs:
generate_matrix:
runs-on: ubuntu-20.04
outputs:
packages: ${{ steps.gen_packages.outputs.packages }}
checks: ${{ steps.gen_checks.outputs.checks }}
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
trusted-users = root admin @sudo @wheel
keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.19.0/install
- name: Generate flake.json
run: |
nix flake show --json > flake.json
- id: gen_packages
run: |
packages=$(jq -c '.packages."x86_64-linux" | keys' < flake.json)
printf "::set-output name=packages::%s" "$packages"
- id: gen_checks
run: |
checks=$(jq -c '.checks."x86_64-linux" | keys' < flake.json)
printf "::set-output name=checks::%s" "$checks"
update_flake:
runs-on: ubuntu-20.04
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
trusted-users = root admin @sudo @wheel
keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.19.0/install
- name: Set up git
run: |
git config user.email [email protected]
git config user.name "Git Bot"
- name: Update the flake
run: nix flake update
- name: Store flake.lock
uses: actions/upload-artifact@v4
with:
name: flake_lock
path: flake.lock
build_flake:
runs-on: ubuntu-20.04
needs: [generate_matrix, update_flake]
strategy:
fail-fast: false
max-parallel: 5
matrix:
package: ${{fromJson(needs.generate_matrix.outputs.packages)}}
steps:
# - name: Prepare store folder
# run: sudo mkdir -p /nix
- name: Free diskspace
uses: easimon/maximize-build-space@master
with:
build-mount-path: /nix
remove-dotnet: true
remove-android: true
remove-haskell: true
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
trusted-users = root admin @sudo @wheel
keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.19.0/install
- name: Set up cachix
uses: cachix/cachix-action@master # pathsToPush, please update once we have v11!
with:
name: bri
signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
pathsToPush: result
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: cachix watch-exec bri -- nix build .#${{ matrix.package }}
build_images:
runs-on: ubuntu-20.04
needs: [update_flake]
strategy:
fail-fast: false
max-parallel: 5
matrix:
ARCH: [ "x86_64" ]
OS: [ "linux" ]
TARGET:
- "server"
- "bri"
FORMAT:
- "proxmox"
- "raw-efi"
- "iso"
steps:
# - name: Prepare store folder
# run: sudo mkdir -p /nix
- name: Free diskspace
uses: easimon/maximize-build-space@master
with:
build-mount-path: /nix
remove-dotnet: true
remove-android: true
remove-haskell: true
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
trusted-users = root admin @sudo @wheel
keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.19.0/install
- name: Set up cachix
uses: cachix/cachix-action@master # pathsToPush, please update once we have v11!
with:
name: bri
signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
pathsToPush: result
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: |
set -x
mkdir -p build
cp -LR "$(cachix watch-exec bri -- nix build ".#nixosConfigurations.${{matrix.TARGET}}@${{matrix.ARCH}}-${{matrix.OS}}.config.formats.${{matrix.FORMAT}}" --print-out-paths --show-trace --accept-flake-config)" build/
- name: list outputs
run: |
find build
- name: rename build
run: |
case "${{matrix.FORMAT}}" in
"proxmox")
EXT="vma.zst"
;;
"raw-efi")
EXT="img"
;;
"iso")
EXT="iso"
;;
esac
if [[ "${EXT}" == "vma.zst" ]] ; then
for i in build/*.${EXT} ; do
mv "$i" build/"vzdump-qemu-${{matrix.TARGET}}_$(basename ${i})"
done
else
for i in build/*.${EXT} ; do
mv "$i" build/"${{matrix.TARGET}}_$(basename ${i})"
done
fi
- run: |
case "${{matrix.FORMAT}}" in
"proxmox")
DESTDIR="dump"
;;
"raw-efi")
DESTDIR="images"
;;
"iso")
DESTDIR="template/iso"
;;
esac
printenv UPLOAD_SSH_KEY > /tmp/ci-upload.key
chmod 600 /tmp/ci-upload.key
chmod -R 755 build
scp -C -i /tmp/ci-upload.key -oStrictHostKeyChecking=no -oport=222 -oidentitiesonly=true -oPasswordAuthentication=no build/* [email protected]:${DESTDIR}
# nix build .#${{ matrix.package }}
# build_checks:
# runs-on: ubuntu-20.04
# needs: [generate_matrix, update_flake]
# strategy:
# fail-fast: false
# max-parallel: 5
# matrix:
# check: ${{fromJson(needs.generate_matrix.outputs.checks)}}
# steps:
# - name: Clone repository
# uses: actions/checkout@v4
# with:
# token: "${{ secrets.GITHUB_TOKEN }}"
# - name: Install nix
# uses: cachix/install-nix-action@v25
# with:
# extra_nix_config: |
# auto-optimise-store = true
# access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
# experimental-features = nix-command flakes
# substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
# trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
# trusted-users = root admin @sudo @wheel
# keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
# install_url: https://releases.nixos.org/nix/nix-2.19.0/install
# - name: Set up cachix
# uses: cachix/cachix-action@master # pathsToPush, please update once we have v11!
# with:
# name: bri
# signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
# skipPush: true
# - name: Restore flake.lock
# uses: actions/download-artifact@v4
# with:
# name: flake_lock
# - name: Build everything
# run: nix flake check -j auto --system ${ARCH//arm/aarch}-${CIRRUS_OS} --impure --show-trace --accept-flake-config
# #run: nix build .#checks.x86_64-linux.${{ matrix.check }} --no-link
check_flake:
runs-on: ubuntu-20.04
needs: [update_flake]
continue-on-error: true
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v25
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org https://bri.cachix.org https://devenv.cachix.org https://perchnet.cachix.org https://nix-community.cachix.org https://devenv.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= bri.cachix.org-1:/dk2nWYOEZl/BnC8h5CTKgao5HeWjCIgY1Tuj29Bq4s= devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw= perchnet.cachix.org-1:0mwmOwJFqL+r4HKl68GZ90ATTFsi3/L4ejSUIWaYYmc =nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
trusted-users = root admin @sudo @wheel
keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.19.0/install
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: |
nix flake check --keep-going
push_update:
runs-on: ubuntu-20.04
permissions: write-all
needs: [update_flake, build_flake, check_flake]
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Set up git
run: |
git config user.email [email protected]
git config user.name "Git Bot"
- name: Create and merge PR
run: |
git switch -c updates-${{ github.run_id }}
git commit -am "flake.lock: Update"
git push -u origin updates-${{ github.run_id }}
PR=$(gh pr create \
--assignee b- \
--base main \
--body "Automatic flake update on $(date -I)" \
--fill \
--label bot \
--title "Auto update $(date -I)")
gh pr merge $PR --merge --delete-branch
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}