diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7e12957..0c50110 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -83,16 +83,63 @@ jobs: github-access-token: ${{ secrets.NIX_GIT_TOKEN }} - name: "Build Example" + run: | + cd example + export NIX_CONFIG="experimental-features = nix-command flakes" + # when installed with flox, nix can't see cacert + flox build .#default --no-write-lock-file || nix build --no-write-lock-file + + test-all-action: + name: "All - Github Action Test" + runs-on: ${{ matrix.os }} + + strategy: + matrix: + os: + - "ubuntu-latest" + - "macos-latest" + + steps: + - name: "Checkout" + uses: actions/checkout@v4 + + - name: "Setup Tailscale" + if: ${{ runner.os == 'Linux' }} + uses: tailscale/github-action@v2 + with: + args: "--timeout 30s --login-server ${{ vars.TAILSCALE_URL }}" + tags: tag:ci + authkey: "${{ secrets.TAILSCALE_AUTH_KEY }}" + + - name: "Test Local Action" + uses: ./ + with: + github-access-token: ${{ secrets.NIX_GIT_TOKEN }} + substituter: s3://flox-store + substituter-key: ${{ secrets.FLOX_STORE_PUBLIC_NIX_SECRET_KEY }} + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + ssh-key: ${{ secrets.FLOXBOT_SSH_KEY }} + remote-builders: ${{ runner.os == 'Linux' && secrets.FLOX_BUILDERS || '' }} + + - name: "Test Remote Builders" + if: ${{ runner.os == 'Linux' }} env: # XXX: This is needed until we are in this limbo state and our "new" ui is # not ready yet FLOX_BASH_PASSTHRU: true run: | + export NIX_CONFIG="experimental-features = nix-command flakes" + RAND=$RANDOM + nix build -L --impure --expr '(with import { system = "x86_64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' + nix build -L --impure --expr '(with import { system = "aarch64-linux"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' + nix build -L --impure --expr '(with import { system = "x86_64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' + nix build -L --impure --expr '(with import { system = "aarch64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' cd example - flox build --no-write-lock-file + nix build --no-write-lock-file - test-all-action: - name: "All - Github Action Test" + test-nix-action: + name: "Nix - test integration with Nix" runs-on: ${{ matrix.os }} strategy: @@ -105,6 +152,11 @@ jobs: - name: "Checkout" uses: actions/checkout@v4 + - name: "Install Nix" + uses: "cachix/install-nix-action@v24" + with: + nix_path: nixpkgs=channel:nixos-unstable + - name: "Setup Tailscale" if: ${{ runner.os == 'Linux' }} uses: tailscale/github-action@v2 @@ -138,4 +190,4 @@ jobs: nix build -L --impure --expr '(with import { system = "x86_64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' nix build -L --impure --expr '(with import { system = "aarch64-darwin"; }; runCommand "foo-'"$RAND"'" {} "uname -mo > $out")' cd example - flox build --no-write-lock-file + nix build --no-write-lock-file diff --git a/badges/coverage.svg b/badges/coverage.svg index 20b5b30..fa25f9b 100644 --- a/badges/coverage.svg +++ b/badges/coverage.svg @@ -1 +1 @@ -Coverage: 6.66%Coverage6.66% \ No newline at end of file +Coverage: 6.34%Coverage6.34% \ No newline at end of file diff --git a/dist/index.js b/dist/index.js index 82c1fed..fce2978 100644 --- a/dist/index.js +++ b/dist/index.js @@ -82247,8 +82247,21 @@ async function run() { await exec.exec('bash', ['-c', utils.SCRIPTS.restartNixDaemon]) core.endGroup() - core.startGroup('Checking Flox Version') - await exec.exec('flox', ['--version']) + const flox = await which('flox', { nothrow: true }) + if (flox !== null) { + core.startGroup('Checking Flox Version') + await exec.exec('flox', ['--version']) + core.endGroup() + } + + core.startGroup('Checking Nix Version') + await exec.exec('nix', ['--version']) + await exec.exec('nix', [ + 'store', + 'ping', + '--extra-experimental-features', + 'nix-command' + ]) core.endGroup() core.startGroup('Record Nix Store Paths') diff --git a/scripts/configure-aws.sh b/scripts/configure-aws.sh index 833be7a..d81b4de 100755 --- a/scripts/configure-aws.sh +++ b/scripts/configure-aws.sh @@ -31,9 +31,11 @@ if [[ "$RUNNER_OS" == "Linux" ]]; then "Environment=AWS_SECRET_ACCESS_KEY=${INPUT_AWS_SECRET_ACCESS_KEY}" | sudo tee -a /etc/systemd/system/nix-daemon.service.d/aws-credentials.conf >/dev/null elif [[ "$RUNNER_OS" == "macOS" ]]; then - NIX_SSL_CERT_FILE="$(sudo plutil -extract EnvironmentVariables.NIX_SSL_CERT_FILE raw /Library/LaunchDaemons/org.nixos.nix-daemon.plist)" + : { - echo "NIX_SSL_CERT_FILE=$NIX_SSL_CERT_FILE" + if NIX_SSL_CERT_FILE="$(sudo plutil -extract EnvironmentVariables.NIX_SSL_CERT_FILE raw /Library/LaunchDaemons/org.nixos.nix-daemon.plist)" ; then + echo "NIX_SSL_CERT_FILE=$NIX_SSL_CERT_FILE" + fi echo "SSL_CERT_FILE=$NIX_SSL_CERT_FILE" } >>"${GITHUB_ENV}" sudo plutil \ diff --git a/src/main.js b/src/main.js index ab6beab..2b3fb1a 100644 --- a/src/main.js +++ b/src/main.js @@ -67,8 +67,21 @@ export async function run() { await exec.exec('bash', ['-c', utils.SCRIPTS.restartNixDaemon]) core.endGroup() - core.startGroup('Checking Flox Version') - await exec.exec('flox', ['--version']) + const flox = await which('flox', { nothrow: true }) + if (flox !== null) { + core.startGroup('Checking Flox Version') + await exec.exec('flox', ['--version']) + core.endGroup() + } + + core.startGroup('Checking Nix Version') + await exec.exec('nix', ['--version']) + await exec.exec('nix', [ + 'store', + 'ping', + '--extra-experimental-features', + 'nix-command' + ]) core.endGroup() core.startGroup('Record Nix Store Paths')