name: Build
on:
  pull_request:
  push:
jobs:
  build:
    strategy:
      matrix:
        include:
          - label: x86_64-linux
            image: ubuntu-latest
          - label: aarch64-linux
            image: ubuntu-latest
            system: aarch64-linux
          - label: x86_64-darwin
            image: macos-latest
            system: x86_64-darwin
          - label: aarch64-darwin
            image: macos-latest
            system: aarch64-darwin

    name: ${{ matrix.label }}
    runs-on: ${{ matrix.image }}
    steps:
      - uses: actions/checkout@v4.2.2

      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@b92f66560d6f97d6576405a7bae901ab57e72b6a # v15

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3.2.0
        if: matrix.system == 'aarch64-linux'

      - name: Generate System Flags
        run: |
          LOCAL_SYSTEM=$(nix-instantiate --eval --json -E 'builtins.currentSystem' | jq -r)
          HOST_SYSTEM=${HOST_SYSTEM:-$LOCAL_SYSTEM}
          if [[ "$LOCAL_SYSTEM" != "$HOST_SYSTEM" ]]; then
            echo "system_flags=--system $HOST_SYSTEM" >>"$GITHUB_ENV"
            echo "extra-platforms = $HOST_SYSTEM" | sudo tee -a /etc/nix/nix.conf
          fi
        env:
          HOST_SYSTEM: '${{ matrix.system }}'

      - name: Enable Binary Cache
        uses: cachix/cachix-action@v15
        with:
          name: colmena
          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

      - name: Build Colmena
        run: nix build -L $system_flags

      - name: Build manual
        run: nix build .#manual -L

  nix-matrix:
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.set-matrix.outputs.matrix }}
    steps:
      - uses: actions/checkout@v4.2.2

      - uses: DeterminateSystems/nix-installer-action@v15
        continue-on-error: true # Self-hosted runners already have Nix installed

      - name: Enable Binary Cache
        uses: cachix/cachix-action@v15
        with:
          name: colmena
          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

      - id: set-matrix
        name: Generate Nix Matrix
        run: |
          set -Eeu
          matrix="$(nix eval --json '.#githubActions.matrix')"
          echo "matrix=$matrix" >> "$GITHUB_OUTPUT"

  nix-matrix-job:
    name: ${{ matrix.name }}
    runs-on: ${{ matrix.os }}
    needs:
      - build
      - nix-matrix
    strategy:
      matrix: ${{ fromJSON(needs.nix-matrix.outputs.matrix) }}
    steps:
      - name: Maximize build space
        uses: easimon/maximize-build-space@master
        with:
          remove-dotnet: 'true'
          build-mount-path: /nix

      - name: Set /nix permissions
        run: |
          sudo chown root:root /nix

      - uses: actions/checkout@v4.2.2

      - uses: DeterminateSystems/nix-installer-action@v15
        continue-on-error: true # Self-hosted runners already have Nix installed

      - name: Enable Binary Cache
        uses: cachix/cachix-action@v15
        with:
          name: colmena
          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'

      - name: Build ${{ matrix.attr }}
        run: |
          nix build --no-link --print-out-paths -L '.#${{ matrix.attr }}'