From d284b8ae4dcdf67781b0f70340d59667c9e228ea Mon Sep 17 00:00:00 2001 From: Callum Leslie Date: Wed, 10 Sep 2025 13:58:28 +0100 Subject: [PATCH] ci: selective builds and flake checks --- .github/dependabot.yml | 8 +++++ .github/workflows/checks.yml | 23 +++++++++++++ .github/workflows/ci.yml | 63 ++++++++++++++++++++++++++++++++++++ flake.nix | 2 +- tools/changed_packages.sh | 3 ++ 5 files changed, 98 insertions(+), 1 deletion(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/checks.yml create mode 100644 .github/workflows/ci.yml create mode 100755 tools/changed_packages.sh diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..5b89d6e --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + open-pull-requests-limit: 5 diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml new file mode 100644 index 0000000..9eaf099 --- /dev/null +++ b/.github/workflows/checks.yml @@ -0,0 +1,23 @@ +name: Checks +on: + push: + pull_request: + +jobs: + flake-check: + name: Flake Check + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v5 + - uses: cachix/install-nix-action@v31 + with: + github_access_token: ${{ secrets.GITHUB_TOKEN }} + + - uses: cachix/cachix-action@v16 + with: + name: scenics + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' + useDaemon: true + + - name: Check flake + run: nix flake check diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..e2fc67d --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,63 @@ +name: CI +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +jobs: + detect-changes: + name: Check for changed packages + runs-on: ubuntu-latest + outputs: + packages: ${{ steps.changes.outputs.packages }} + steps: + - uses: actions/checkout@v5 + with: + fetch-depth: 0 + + - name: Detect changed packages + id: changes + run: | + if [[ "${{ github.event_name }}" == "pull_request" ]]; then + CHANGED_FILES=$(git diff --name-only "origin/${{ github.base_ref }}"...HEAD) + else + CHANGED_FILES=$(git diff --name-only HEAD~1) + fi + + PACKAGES=$(echo "$CHANGED_FILES" | ./tools/changed_packages.sh) + + echo "packages=$PACKAGES" >> "$GITHUB_OUTPUT" + echo "Changed packages: $PACKAGES" + + build: + name: Build package + needs: detect-changes + runs-on: ubuntu-latest + if: needs.detect-changes.outputs.packages != '{"include":[]}' + strategy: + matrix: ${{ fromJson(needs.detect-changes.outputs.packages) }} + steps: + - uses: actions/checkout@v5 + - uses: cachix/install-nix-action@v31 + with: + github_access_token: ${{ secrets.GITHUB_TOKEN }} + + - uses: cachix/cachix-action@v16 + with: + name: scenics + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' + skipPush: true + useDaemon: true + + - name: Build ${{ matrix.package }} + run: nix build .#${{ matrix.package }} + + buildall: + name: Build Packages + needs: build + runs-on: ubuntu-latest + if: failure() || cancelled() + steps: + - name: Fail on purpose + run: exit 1 diff --git a/flake.nix b/flake.nix index 4f64271..899fce7 100644 --- a/flake.nix +++ b/flake.nix @@ -60,7 +60,7 @@ devShells.default = pkgs.mkShell { inherit (git-hook-check) shellHook; - buildInputs = with pkgs; [nix-init alejandra]; + buildInputs = with pkgs; [nix-init alejandra jq]; }; formatter = pkgs.alejandra; diff --git a/tools/changed_packages.sh b/tools/changed_packages.sh new file mode 100755 index 0000000..c18a43a --- /dev/null +++ b/tools/changed_packages.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env sh + +grep '^pkgs/' | cut -d'/' -f2 | cut -d'.' -f1 | sort -u | jq -R '{"package": .}' | jq -sc '{"include": .}'