This repository was archived by the owner on May 5, 2025. It is now read-only.
Build Nix environments #557
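---
# Builds the Darwin (nix-darwin) and Linux (home-manager) Nix configurations
# and pushes the results to the `hardselius` Cachix cache. On the weekly
# schedule the Darwin job also runs `nix flake update` and pushes the result
# back to the repository.
#
# NOTE(review): every `uses:` below references a mutable tag. The Cachix steps
# receive CACHIX_SIGNING_KEY, so consider pinning each action to a full commit
# SHA taken from the action's own release page.
name: Build Nix environments

on:
  pull_request:
    branches:
      - main
    paths:
      - '**'
      - '!**.md'
      - '!**.adoc'
  push:
    branches:
      - main
    paths:
      - '**'
      - '!**.md'
      - '!**.adoc'
  schedule:
    - cron: '0 0 * * 0'  # Every Sunday at midnight UTC

jobs:
  build-darwin-env:
    name: Build/cache Darwin Nix env
    runs-on: macos-latest
    # Least privilege: this job needs write access to repository contents only
    # because the scheduled run ends with `git push`. Nothing else is granted.
    permissions:
      contents: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Nix
        uses: cachix/install-nix-action@v27
        with:
          # The job token is written into the Nix configuration so that Nix
          # can authenticate its requests to github.com.
          extra_nix_config: |
            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}

      - name: Setup Cachix
        uses: cachix/cachix-action@v15
        with:
          name: hardselius
          # Anyone holding this key can publish store paths that users of the
          # cache will trust. Every later step in this job runs after the key
          # has been handed to the action.
          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'

      - name: If scheduled, update inputs
        if: ${{ github.event_name == 'schedule' && success() }}
        run: |
          nix flake update

      - name: Create /run directory
        run: |
          echo -e "run\tprivate/var/run" | sudo tee -a /etc/synthetic.conf >/dev/null
          /System/Library/Filesystems/apfs.fs/Contents/Resources/apfs.util -t &>/dev/null || true

      - name: Prevent Cachix conflict
        run: |
          nix-env --set-flag priority 1 cachix

      - name: Fix Sequoia nixbld users
        # NOTE(review): this executes whatever the `master` branch of NixOS/nix
        # serves at run time, in a job that has already been given the Cachix
        # signing key and (on schedule) pushes to this repository. Prefer a URL
        # pinned to a reviewed commit plus a checksum comparison before the
        # script is executed, or vendor the script into this repository.
        run: |
          # Without pipefail a failed download leaves bash with empty input and
          # the step would report success without having migrated anything.
          set -o pipefail
          # The leading echo feeds curl's stdin, not the script's.
          echo -e "y\n" | curl --proto '=https' --tlsv1.2 -sSf -L https://github.com/NixOS/nix/raw/master/scripts/sequoia-nixbld-user-migration.sh | bash -

      - name: Build config
        run: |
          nix build .#darwinConfigurations.githubActions.system

      - name: Switch to bootstrap config
        run: |
          ./result/sw/bin/darwin-rebuild switch --flake .#githubActions

      - name: If scheduled, push commit with updated sources
        if: ${{ github.event_name == 'schedule' && success() }}
        # NOTE(review): `git add --all` stages everything present in the work
        # tree at this point, including anything earlier steps wrote there.
        # If only the flake lock file is meant to change, stage that path
        # explicitly so an unexpected file cannot ride along in the commit.
        run: |
          git add --all
          git commit -m "Update sources"
          git push

  build-linux-env:
    name: Build/cache Linux Nix env
    runs-on: ubuntu-latest
    # This job never writes to the repository, so the job token is read-only.
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        # Aligned with the Darwin job; this job previously used the older v2.
        uses: actions/checkout@v4

      - name: Install Nix
        uses: cachix/install-nix-action@v27
        with:
          extra_nix_config: |
            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}

      - name: Setup Cachix
        uses: cachix/cachix-action@v15
        with:
          name: hardselius
          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'

      - name: Build and switch to home-manager env
        run: |
          # Prevent conflict between Cachix installed by workflow and the one installed in the config
          nix-env --set-flag priority 1 cachix
          # Build and switch to home-manager env
          nix build .#homeConfigurations.linuxGitHubActions.activationPackage
          ./result/activate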