diff --git a/.forgejo/workflows/nix_build.yaml b/.forgejo/workflows/nix_build.yaml index 3c4b255..184f64f 100644 --- a/.forgejo/workflows/nix_build.yaml +++ b/.forgejo/workflows/nix_build.yaml @@ -2,74 +2,124 @@ name: Build all NixOS Configurations on: - push - #schedule: - # - cron: "20 12 * * *" # not to frequent, GitHub only allows a few pulls per hour jobs: - nix build: runs-on: native steps: + - uses: actions/checkout@v4 - - name: checkout repository - uses: actions/checkout@v2 - with: - depth: 0 - - - name: update nix flakes - #if: github.event_name == 'schedule' + - name: setup ssh run: | - cat < .ssh_key + cat < .id_rsa ${{ secrets.SSH_KEY }} EOF - chmod 600 .ssh_key + chmod 600 .id_rsa eval $(ssh-agent) - ssh-add .ssh_key + ssh-add .id_rsa - nix flake update - - echo $SSH_AGENT_PID - kill $SSH_AGENT_PID - rm .ssh_key - - - name: fetch and check - run: | - cat < .ssh_key - ${{ secrets.SSH_KEY }} + cat < "$GITHUB_ENV" + SSH_AUTH_SOCK="$SSH_AUTH_SOCK" + SSH_AGENT_PID=$SSH_AGENT_PID EOF - chmod 600 .ssh_key - eval $(ssh-agent) - ssh-add .ssh_key + - run: nix flake archive - nix flake archive - nix flake check --verbose --log-format raw - + - name: teardown ssh + if: always() + run: | echo $SSH_AGENT_PID kill $SSH_AGENT_PID - rm .ssh_key - - name: nix build orbi - run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel + - name: nix flake check + run: nix flake check --verbose --log-format raw - - name: nix build cream - run: nix build .#nixosConfigurations.cream.config.system.build.toplevel - - name: nix build cherry - run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel + #- name: nix build orbi + # run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel - - name: nix build chungus - run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel + #- name: nix build cream + # run: nix build .#nixosConfigurations.cream.config.system.build.toplevel - - name: push if all fine (branch update) - #if: github.event_name == 'schedule' - run: | - - git config --local user.email "action@git.ingolf-wagner.de" - git config --local user.name "Forgejo Action" - - git diff --quiet && \ - git diff --staged --quiet || \ - (git commit -am "Update Nix flakes" && git push) + #- name: nix build cherry + # run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel + + #- name: nix build chungus + # run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel + +#name: Build all NixOS Configurations + +#on: +# - push +# #schedule: +# # - cron: "20 12 * * *" # not to frequent, GitHub only allows a few pulls per hour + +#jobs: + +# nix build: +# runs-on: native +# steps: + +# - name: checkout repository +# uses: actions/checkout@v2 +# with: +# depth: 0 + +# - name: update nix flakes +# #if: github.event_name == 'schedule' +# run: | +# cat < .ssh_key +# ${{ secrets.SSH_KEY }} +# EOF +# chmod 600 .ssh_key + +# eval $(ssh-agent) +# ssh-add .ssh_key + +# nix flake update +# +# echo $SSH_AGENT_PID +# kill $SSH_AGENT_PID +# rm .ssh_key + +# - name: fetch and check +# run: | +# cat < .ssh_key +# ${{ secrets.SSH_KEY }} +# EOF +# chmod 600 .ssh_key + +# eval $(ssh-agent) +# ssh-add .ssh_key + +# nix flake archive +# nix flake check --verbose --log-format raw +# +# echo $SSH_AGENT_PID +# kill $SSH_AGENT_PID +# rm .ssh_key + +# - name: nix build orbi +# run: nix build .#nixosConfigurations.orbi.config.system.build.toplevel + +# - name: nix build cream +# run: nix build .#nixosConfigurations.cream.config.system.build.toplevel + +# - name: nix build cherry +# run: nix build .#nixosConfigurations.cherry.config.system.build.toplevel + +# - name: nix build chungus +# run: nix build .#nixosConfigurations.chungus.config.system.build.toplevel + +# - name: push if all fine (branch update) +# #if: github.event_name == 'schedule' +# run: | +# +# git config --local user.email "action@git.ingolf-wagner.de" +# git config --local user.name "Forgejo Action" +# +# git diff --quiet && \ +# git diff --staged --quiet || \ +# (git commit -am "Update Nix flakes" && git push)