add github action

input-output-hk · Sep 29, 2023 · 371c109 · 371c109
1 parent 92544ce
commit 371c109
Show file tree

Hide file tree

Showing 8 changed files with 1,675 additions and 1,419 deletions.
diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml
@@ -0,0 +1,41 @@
+name: Update
+run-name: ${{github.actor}} is updating capkgs
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+permissions:
+  contents: read
+  pull-requests: read
+concurrency:
+  group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
+  cancel-in-progress: true
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Cache Packages
+        id: cache-packages
+        uses: actions/cache@v3
+        with:
+          path: cache
+          key: cache-packages
+      - name: Install Nix
+        uses: cachix/install-nix-action@v23
+        with:
+          extra_nix_config: |
+            trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
+            substituters = https://cache.iog.io https://cache.nixos.org/
+      - run: echo "${{secrets.NIX_SIGNING_KEY}}" > hydra_key
+      - run: nix develop --ignore-environment --keep NIX_STORE --keep AWS_ACCESS_KEY_ID --keep AWS_SECRET_ACCESS_KEY --keep S3_ENDPOINT --command just ci
+        env:
+          AWS_ACCESS_KEY_ID: "${{secrets.AWS_ACCESS_KEY_ID}}"
+          AWS_SECRET_ACCESS_KEY: "${{secrets.AWS_SECRET_ACCESS_KEY}}"
+          S3_ENDPOINT: "${{secrets.S3_ENDPOINT}}"
+          NIX_STORE: "${{secrets.NIX_STORE}}"
+      - run: nix develop --ignore-environment --command just check
+      - run: git add packages.json
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+/cache 
diff --git a/Justfile b/Justfile
@@ -2,12 +2,26 @@
 list:
     just -l
 
+export RCLONE_S3_PROVIDER := "Cloudflare"
+export RCLONE_S3_REGION := "auto"
+
 # Based on releases.json, upload the CA contents and update packages.json
 packages *ARGS:
-    ./packages.rb \
-    --from "s3://devx?profile=r2&secret-key=hydra_key&endpoint=fc0e8a9d61fc1f44f378bdc5fdc0f638.r2.cloudflarestorage.com&region=auto&compression=zstd" \
-    --to "s3://devx?profile=r2&secret-key=hydra_key&endpoint=fc0e8a9d61fc1f44f378bdc5fdc0f638.r2.cloudflarestorage.com&region=auto&compression=zstd" \
-    --systems x86_64-linux {{ARGS}}
+    ./packages.cr \
+        --from "https://cache.iog.io" \
+        --to "s3://devx?secret-key=hydra_key&endpoint=${S3_ENDPOINT}&region=${RCLONE_S3_REGION}&compression=zstd" \
+        --nix-store "${NIX_SSH_NG_STORE}" \
+        --systems x86_64-linux {{ARGS}}
+
+# Based on releases.json, upload the CA contents and update packages.json
+ci:
+    rclone --s3-endpoint ${S3_ENDPOINT} --verbose copy s3://devx/capkgs cache
+    ./packages.cr \
+        --from "https://cache.iog.io" \
+        --to "s3://devx?secret-key=hydra_key&endpoint=${S3_ENDPOINT}&region=${RCLONE_S3_REGION}&compression=zstd" \
+        --nix-store "${NIX_SSH_NG_STORE}" \
+        --systems x86_64-linux {{ARGS}}
+    rclone --s3-endpoint ${S3_ENDPOINT} --verbose sync cache s3://devx/capkgs
 
 # Attempt to build all packages from this flake
 check:

diff --git a/flake.nix b/flake.nix
@@ -4,7 +4,7 @@
     inherit (import ./lib.nix) filterAttrs symlinkPath sane mapAndMergeAttrs aggregate;
 
     # This is a really verbose name, but it ensures we don't get collisions
-    nameOf = pkg: sane "${pkg.meta.name or pkg.meta.pname}-${pkg.org}-${pkg.repo}-${pkg.tag}";
+    nameOf = pkg: sane "${pkg.meta.name or pkg.meta.pname}-${pkg.org_name}-${pkg.repo_name}-${pkg.version}";
     pp = v: builtins.trace (builtins.toJSON v) v;
 
     packagesJson = fromJSON (readFile ./packages.json);
@@ -22,15 +22,14 @@
       validPackages;
 
     system = "x86_64-linux";
+
+    # These inputs are purely used for the devShell and hydra to avoid any
+    # evaluation and download of nixpkgs for just building a package.
     flakes = {
       nixpkgs = builtins.getFlake "github:nixos/nixpkgs?rev=bfb7dfec93f3b5d7274db109f2990bc889861caf";
       nix = builtins.getFlake "github:nixos/nix?rev=8fbb4598c24b89c73db318ca7de7f78029cd61f4";
     };
 
-    # These inputs are purely used for the devShell and hydra to avoid any
-    # evaluation and download of nixpkgs for just building a package.
-    inherit (flakes.nixpkgs.legacyPackages.${system}) mkShell nushell just ruby solargraph treefmt curl;
-
     # At least 2.17 is required for this fix: https://github.com/NixOS/nix/pull/4282
     inherit (flakes.nix.packages.${system}) nix;
   in
@@ -40,17 +39,21 @@
         constituents = attrValues inputs.self.packages.x86_64-linux;
       };
 
-      devShells.${system}.default = mkShell {
-        nativeBuildInputs = [
-          nushell
-          just
-          ruby
-          solargraph
-          nix
-          treefmt
-          curl
-        ];
-      };
+      devShells.${system}.default = with (flakes.nixpkgs.legacyPackages.${system});
+        mkShell {
+          nativeBuildInputs = [
+            crystal
+            crystalline
+            curl
+            gitMinimal
+            just
+            nix
+            nushell
+            pcre
+            treefmt
+            watchexec
+          ];
+        };
     }
     // packages;
 }