diff --git a/.forgejo/workflows/eval-shell.yaml b/.forgejo/workflows/eval-shell.yaml new file mode 100644 index 0000000..6f94edf --- /dev/null +++ b/.forgejo/workflows/eval-shell.yaml @@ -0,0 +1,19 @@ +jobs: + build-shell: + runs-on: nix + steps: + - uses: actions/checkout@v3 + - env: + STORE_ENDPOINT: https://tvix-store.dgnum.eu/infra-signing/ + STORE_PASSWORD: ${{ secrets.STORE_PASSWORD }} + STORE_USER: admin + name: Build and cache shell + run: nix-shell -A eval-shell --run "nix-cache -A devShell" +name: Build the shell +on: + pull_request: + branches: + - main + push: + branches: + - main diff --git a/default.nix b/default.nix index d03f4b4..3b34cfb 100644 --- a/default.nix +++ b/default.nix @@ -180,6 +180,7 @@ in pre-commit.shellHook = git-checks.shellHook; check-workflows.shellHook = workflows.shellHook; eval-nodes.packages = [ scripts.cache-node ]; + eval-shell.packages = [ scripts.nix-cache ]; }; }; } diff --git a/scripts/default.nix b/scripts/default.nix index b73187a..95f012b 100644 --- a/scripts/default.nix +++ b/scripts/default.nix @@ -21,6 +21,7 @@ let scripts = { cache-node = [ colmena ]; + nix-cache = [ colmena ]; check-deployment = [ colmena jq diff --git a/scripts/nix-cache.sh b/scripts/nix-cache.sh new file mode 100644 index 0000000..b8a4d71 --- /dev/null +++ b/scripts/nix-cache.sh @@ -0,0 +1,29 @@ +# SPDX-FileCopyrightText: 2024 Ryan Lahfa +# SPDX-FileCopyrightText: 2024 Tom Hubrecht +# SPDX-FileContributor: Maurice Debray +# +# SPDX-License-Identifier: EUPL-1.2 + +# Build the derivation and send it to the great beyond + +drv=$(nix-instantiate "$@") +nix-store --query --requisites --force-realise --include-outputs "$drv" | grep -v '.*\.drv' > paths.txt + +if [ "$STORE_PASSWORD" == "" ]; then + echo "No password given for the remote cache, uploading cannot take place." + exit 0 +fi + +cat <.netrc +default +login $STORE_USER +password $STORE_PASSWORD +EOF + +nix copy \ + --extra-experimental-features nix-command \ + --to "$STORE_ENDPOINT?compression=none" \ + --netrc-file .netrc \ + "$(nix-store --realise "$drv")" + +rm .netrc diff --git a/workflows/eval-shell.nix b/workflows/eval-shell.nix new file mode 100644 index 0000000..a350542 --- /dev/null +++ b/workflows/eval-shell.nix @@ -0,0 +1,29 @@ +# SPDX-FileCopyrightText: 2024 Tom Hubrecht +# +# SPDX-License-Identifier: EUPL-1.2 + +{ + name = "Build the shell"; + on = { + pull_request.branches = [ "main" ]; + push.branches = [ "main" ]; + }; + + jobs = { + build-shell = { + runs-on = "nix"; + steps = [ + { uses = "actions/checkout@v3"; } + { + name = "Build and cache shell"; + run = "nix-shell -A eval-shell --run \"nix-cache -A devShell\""; + env = { + STORE_ENDPOINT = "https://tvix-store.dgnum.eu/infra-signing/"; + STORE_USER = "admin"; + STORE_PASSWORD = "\${{ secrets.STORE_PASSWORD }}"; + }; + } + ]; + }; + }; +}