ci: split out reusable actions

nix-community · Nov 7, 2023 · f784af4 · f784af4
1 parent 6e3d83b
commit f784af4
Show file tree

Hide file tree

Showing 7 changed files with 217 additions and 119 deletions.
diff --git a/.github/actions/build-nix-expression/action.yml b/.github/actions/build-nix-expression/action.yml
@@ -0,0 +1,27 @@
+inputs:
+  expression:
+    description: 'Nix expression to build'
+    required: true
+
+outputs:
+  derivation:
+    description: 'Path to the built derivation'
+    value: ${{ steps.build.outputs.derivation }}
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Install Nix ❄️
+      uses: ./.github/actions/install-nix
+
+    - name: Build ${{ inputs.expression }} 🛠️
+      id: build
+      shell: bash
+      run: |
+        JSON=$(mktemp)
+        (nix build -L ${{ inputs.expression }} --no-link --json >$JSON) |& sed -uE 's/^(trace: +)?warning:(\s+|$)/::warning::/;s/^(trace: +)?error:(\s+|$)/::error::/;s/^trace:(\s+|$)/::notice::trace: /'
+        DRV=$(jq -r .[0].outputs.out <$JSON)
+        echo "derivation=$DRV" >> $GITHUB_OUTPUT
+        echo "- Built \`$DRV\`" >> $GITHUB_STEP_SUMMARY
+        echo "    - $(nix show-derivation -r $DRV | jq 'keys[]' | wc -l) derivations in closure" >> $GITHUB_STEP_SUMMARY
+        echo "    - $(nix path-info -S --json $DRV | jq -r '.[0].closureSize' | xargs numfmt --to=iec-i --suffix=B --format='%.3f') total size" >> $GITHUB_STEP_SUMMARY
diff --git a/.github/actions/build-wsl-tarball/action.yml b/.github/actions/build-wsl-tarball/action.yml
@@ -0,0 +1,20 @@
+inputs:
+  config:
+    description: 'System configuration to build'
+    required: true
+  filename:
+    description: 'Filename to save the image as'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Build tarball builder 🛠️
+      id: buildBuilder
+      uses: ./.github/actions/build-nix-expression
+      with:
+        expression: '.#nixosConfigurations.${{ inputs.config }}.config.system.build.tarballBuilder'
+
+    - name: Build tarball 📦
+      shell: bash
+      run: sudo ${{ steps.buildBuilder.outputs.derivation }}/bin/nixos-wsl-tarball-builder ${{ inputs.filename }}
diff --git a/.github/actions/install-nix/action.yml b/.github/actions/install-nix/action.yml
@@ -0,0 +1,19 @@
+runs:
+  using: 'composite'
+  steps:
+    - name: Check for nix ✅
+      id: check-nix
+      shell: bash
+      run: |
+        if command -v nix &> /dev/null
+        then
+          echo "nix-found=true" | tee -a $GITHUB_OUTPUT
+        else
+          echo "nix-found=false" | tee -a $GITHUB_OUTPUT
+        fi
+
+    - name: Install Nix ❄️
+      if: ${{ steps.check-nix.outputs.nix-found != 'true' }}
+      uses: cachix/install-nix-action@v22
+      with:
+        github_access_token: ${{ github.token }}
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -1,4 +1,4 @@
-name: 'CI'
+name: "CI"
 
 on:
   push:
@@ -7,130 +7,16 @@ on:
   workflow_call: {}
 
 jobs:
-  prepare:
-    name: Prepare 🚀
-    runs-on: ubuntu-latest
-    outputs:
-      tests: ${{ steps.tests.outputs.tests }}
-      checks: ${{ steps.checks.outputs.checks }}
-      version: ${{ steps.version.outputs.version }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Install nix ❄️
-        uses: cachix/install-nix-action@6a9a9e84a173d90b3ffb42c5ddaf9ea033fad011 # v23
-        with:
-          extra_nix_config: 'access-tokens = github.com=${{ github.token }}'
-
-      - name: Find tests 🔍
-        id: tests
-        run: |
-          find tests -name '*.Tests.ps1' -print0 | perl -pe 's|(.*?)\x0|"\1",|g;s|,$||;s|(.*)|tests=[\1]|' >> $GITHUB_OUTPUT
-
-      - name: Find checks 🔍
-        id: checks
-        run: |
-          nix-instantiate --json --eval --strict -E 'with builtins; attrNames (getFlake (toString ./.)).checks.${currentSystem}' | perl -pe 's|(.*)|checks=\1|' >>$GITHUB_OUTPUT
-
-      - name: Generate Version 🏷️
-        id: version
-        run: |
-          TAG_COUNT=$(git rev-list --tags --no-walk --count)                                                                 # Count all tags
-          COMMIT_COUNT=$(git rev-list --use-bitmap-index --count $(git rev-list --tags --no-walk --max-count=1)..HEAD)       # Count all commits since the last tag
-          NIXOS_VERSION=$(nix-instantiate --eval -E '(import ./.).inputs.nixpkgs.lib.version' | sed -E 's/"(.+\...).*"/\1/') # Get NixOS version from nixpkgs
-          NIXOS_VERSION_MS=$(echo $NIXOS_VERSION | sed -E 's/\.0*(.+)/\.\1/')                                                # Remove the leading 0 from the minor version (if it exists)
-          NIXOS_WSL_VERSION=${NIXOS_VERSION_MS}.${TAG_COUNT}.${COMMIT_COUNT}                                                 # Compose the NixOS-WSL version number
-          echo "version=$NIXOS_WSL_VERSION" >> $GITHUB_OUTPUT
-
   build:
     name: Build 🛠️
-    needs:
-      - prepare
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        config:
-          - modern
-          - legacy
-          - test
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Install nix ❄️
-        uses: cachix/install-nix-action@6a9a9e84a173d90b3ffb42c5ddaf9ea033fad011 # v23
-        with:
-          extra_nix_config: 'access-tokens = github.com=${{ github.token }}'
-
-      - name: Set version 🏷️
-        run: |
-          echo ${{ needs.prepare.outputs.version }} > ./VERSION
-          echo $(git rev-parse HEAD) >> ./VERSION
-
-      - name: Build tarballs 🛠️
-        # We can't just nix run here because nix is not on root's PATH in the container
-        run: |
-          nix build .#nixosConfigurations.${{ matrix.config }}.config.system.build.tarballBuilder
-          sudo ./result/bin/nixos-wsl-tarball-builder nixos-wsl.tar.gz
-
-      - name: Upload tarball 📤
-        uses: actions/upload-artifact@v3
-        with:
-          name: tarball-${{ matrix.config }}
-          path: nixos-wsl.tar.gz
+    uses: ./.github/workflows/run_build.yml
 
   checks:
-    name: Flake Check 📋
-    needs:
-      - prepare
-    strategy:
-      fail-fast: false
-      matrix:
-        check: ${{ fromJSON(needs.prepare.outputs.checks) }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Install nix ❄️
-        uses: cachix/install-nix-action@6a9a9e84a173d90b3ffb42c5ddaf9ea033fad011 # v23
-        with:
-          extra_nix_config: 'access-tokens = github.com=${{ github.token }}'
-
-      - name: Run check 📋
-        run: |
-          nix build -L --impure --expr "with builtins; (getFlake (toString ./.)).checks.\${currentSystem}.${{ matrix.check }}"
+    name: Flake Checks 📋
+    uses: ./.github/workflows/run_checks.yml
 
   tests:
     name: Test 🧪
+    uses: ./.github/workflows/run_tests.yml
     needs:
-      - prepare
       - build
-    strategy:
-      fail-fast: false
-      matrix:
-        test: ${{ fromJSON(needs.prepare.outputs.tests) }}
-        os:
-          - ubuntu-20.04
-          # - windows-latest # doesn't work due to lack of nested virtualization on the runners, hopefully this will work one day
-    runs-on: ${{ matrix.os }}
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Download tarball 📥
-        uses: actions/download-artifact@v3
-        with:
-          name: tarball-test
-
-      - name: Execute test 🧪
-        shell: pwsh
-        run: |
-          Invoke-Pester -Output Detailed ${{ matrix.test }}
diff --git a/.github/workflows/run_build.yml b/.github/workflows/run_build.yml
@@ -0,0 +1,48 @@
+name: Build Tarballs 🛠️
+
+on:
+  workflow_call: {}
+
+jobs:
+  build:
+    name: Build 🛠️
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        config:
+          - modern
+          - legacy
+          - test
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Nix ❄️
+        uses: ./.github/actions/install-nix
+
+      - name: Generate Version 🏷️
+        id: version
+        run: |
+          TAG_COUNT=$(git rev-list --tags --no-walk --count)                                                                 # Count all tags
+          COMMIT_COUNT=$(git rev-list --use-bitmap-index --count $(git rev-list --tags --no-walk --max-count=1)..HEAD)       # Count all commits since the last tag
+          NIXOS_VERSION=$(nix-instantiate --eval -E '(import ./.).inputs.nixpkgs.lib.version' | sed -E 's/"(.+\...).*"/\1/') # Get NixOS version from nixpkgs
+          NIXOS_VERSION_MS=$(echo $NIXOS_VERSION | sed -E 's/\.0*(.+)/\.\1/')                                                # Remove the leading 0 from the minor version (if it exists)
+          NIXOS_WSL_VERSION=${NIXOS_VERSION_MS}.${TAG_COUNT}.${COMMIT_COUNT}                                                 # Compose the NixOS-WSL version number
+          echo "version=$NIXOS_WSL_VERSION" >> $GITHUB_OUTPUT
+
+          echo $NIXOS_WSL_VERSION > ./VERSION
+          echo $(git rev-parse HEAD) >> ./VERSION
+
+      - name: Build Tarball 🛠️
+        uses: ./.github/actions/build-wsl-tarball
+        with:
+          config: ${{ matrix.config }}
+          filename: nixos-wsl.tar.gz
+
+      - name: Upload Tarball 📤
+        uses: actions/upload-artifact@v3
+        with:
+          name: tarball-${{ matrix.config }}
+          path: nixos-wsl.tar.gz
diff --git a/.github/workflows/run_checks.yml b/.github/workflows/run_checks.yml
@@ -0,0 +1,46 @@
+name: Flake Checks 📋
+
+on:
+  workflow_call: {}
+
+jobs:
+  prepare:
+    name: Find Checks 🔍
+    runs-on: ubuntu-latest
+    outputs:
+      checks: ${{ steps.checks.outputs.checks }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Nix ❄️
+        uses: ./.github/actions/install-nix
+
+      - name: Find Checks 🔍
+        id: checks
+        run: |
+          nix-instantiate --json --eval --strict -E 'with builtins; attrNames (getFlake (toString ./.)).checks.${currentSystem}' | perl -pe 's|(.*)|checks=\1|' >>$GITHUB_OUTPUT
+
+  checks:
+    name: Check 📋
+    needs:
+      - prepare
+    strategy:
+      fail-fast: false
+      matrix:
+        check: ${{ fromJSON(needs.prepare.outputs.checks) }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Nix ❄️
+        uses: ./.github/actions/install-nix
+
+      - name: Run Check 📋
+        run: |
+          nix build -L --impure --expr "with builtins; (getFlake (toString ./.)).checks.\${currentSystem}.${{ matrix.check }}"
diff --git a/.github/workflows/run_tests.yml b/.github/workflows/run_tests.yml
@@ -0,0 +1,52 @@
+name: Test 🧪
+
+on:
+  workflow_call: {}
+
+jobs:
+  prepare:
+    name: Find Tests 🔍
+    runs-on: ubuntu-latest
+    outputs:
+      tests: ${{ steps.tests.outputs.tests }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Install Nix ❄️
+        uses: ./.github/actions/install-nix
+
+      - name: Find Tests 🔍
+        id: tests
+        run: |
+          find tests -name '*.Tests.ps1' -print0 | perl -pe 's|(.*?)\x0|"\1",|g;s|,$||;s|(.*)|tests=[\1]|' >> $GITHUB_OUTPUT
+
+  tests:
+    name: Test 🧪
+    needs:
+      - prepare
+    strategy:
+      fail-fast: false
+      matrix:
+        test: ${{ fromJSON(needs.prepare.outputs.tests) }}
+        os:
+          - ubuntu-20.04
+          # - windows-latest # doesn't work due to lack of nested virtualization on the runners, hopefully this will work one day
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Download Tarball 📥
+        uses: actions/download-artifact@v3
+        with:
+          name: tarball-test
+
+      - name: Execute Test 🧪
+        shell: pwsh
+        run: |
+          Invoke-Pester -Output Detailed ${{ matrix.test }}