Pin nixpkgs to working commit #3833
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
pull_request: | |
merge_group: | |
push: | |
branches: | |
- "master" | |
concurrency: | |
group: ${{ github.repository }}-${{ github.workflow }} | |
cancel-in-progress: false | |
jobs: | |
nix-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v30 | |
- id: set-matrix | |
name: Generate Nix Matrix | |
run: | | |
set -euo pipefail | |
matrix="$(nix eval --json '.#githubActions.matrix')" | |
echo "matrix=${matrix}" >> "$GITHUB_OUTPUT" | |
nix-build: | |
needs: nix-matrix | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
max-parallel: 10 | |
matrix: ${{ fromJSON(needs.nix-matrix.outputs.matrix) }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v30 | |
- uses: cachix/cachix-action@v15 | |
with: | |
name: poetry2nix | |
authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }} | |
- run: nix build -L ".#${{ matrix.attr }}" --keep-going | |
nix-build-shell: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-13 | |
- macos-14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v30 | |
- uses: cachix/cachix-action@v15 | |
with: | |
name: poetry2nix | |
authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }} | |
- name: compute system from nixpkgs | |
run: | | |
echo "NIXPKGS_SYSTEM=$(nix eval --raw 'nixpkgs#system')" >> "$GITHUB_ENV" | |
- run: nix build -L ".#devShells.${NIXPKGS_SYSTEM}.default" --keep-going | |
nix-flake-show: | |
# ensure flake-exposed endpoints (apps, packages, devShells) are of correct types | |
# (something like apps.${SYSTEM}.<app> can be hard to get right) | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-13 | |
- macos-14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v30 | |
- uses: cachix/cachix-action@v15 | |
with: | |
name: poetry2nix | |
authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }} | |
- run: nix flake show --all-systems | |
test-template: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-13 | |
- macos-14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@v30 | |
- uses: cachix/cachix-action@v15 | |
with: | |
name: poetry2nix | |
authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }} | |
- name: create flake template test directory | |
run: echo "TESTDIR=$(mktemp -d)" >> "$GITHUB_ENV" | |
- name: initialize flake from poetry2nix template | |
working-directory: ${{ env.TESTDIR }} | |
run: nix flake init --template "$GITHUB_WORKSPACE" | |
- name: force flake to our poetry2nix version | |
working-directory: ${{ env.TESTDIR }} | |
run: nix flake lock --override-input poetry2nix "$GITHUB_WORKSPACE" | |
- name: generate poetry.lock | |
working-directory: ${{ env.TESTDIR }} | |
run: nix develop '.#poetry' -c poetry lock --no-update | |
- name: create a minimal python package | |
working-directory: ${{ env.TESTDIR }} | |
run: | | |
touch README.md | |
mkdir poetry2nix_template_test | |
touch poetry2nix_template_test/__init__.py | |
- name: build the flake | |
working-directory: ${{ env.TESTDIR }} | |
run: nix build --keep-going -L --show-trace | |
collect: | |
runs-on: ubuntu-latest | |
needs: | |
- nix-build | |
- nix-build-shell | |
- test-template | |
- nix-flake-show | |
steps: | |
- run: exit 0 | |
release: | |
if: github.ref == 'refs/heads/master' | |
needs: collect | |
name: "Release" | |
runs-on: "ubuntu-latest" | |
permissions: | |
contents: write | |
pull-requests: read | |
steps: | |
- uses: actions/checkout@v4 | |
- name: "Generate tag" | |
id: tag | |
run: echo "tag=$(./tools/auto_version.py)" >> "$GITHUB_OUTPUT" | |
- uses: "marvinpinto/action-automatic-releases@latest" | |
with: | |
repo_token: "${{ secrets.GITHUB_TOKEN }}" | |
automatic_release_tag: "${{ steps.tag.outputs.tag }}" | |
prerelease: false |