name: Flake Update / Build on: workflow_dispatch: schedule: # At minute 00:00 on Monday, Wednesday, and Friday. - cron: 0 0 * * 1,3,5 permissions: contents: write concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: build-minimal: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 # needed to access ghostty repo for now - name: Setup SSH uses: MrSquaare/ssh-setup-action@v3 with: host: github.com private-key: ${{ secrets.SSH_PRIVATE_KEY }} - uses: daylin-bot/actions/setup@main - uses: ./.github/actions/nix with: attic_token: ${{ secrets.ATTIC_TOKEN }} - run: git checkout -B flake-lock - name: Update nix flake run: | nix flake update --commit-lock-file printf '# Flake Lock\n\n```txt\n%s```\n' \ "$(git show -s --format='%B')" \ >> $GITHUB_STEP_SUMMARY - name: Pre-build oizys run: | nix build . attic push oizys result - name: Build run: > nix run . -- cache --host,=",othalan,algiz" --flake . --debug -- --quiet - name: Commit Updates uses: daylin-bot/actions/commit-and-push@main with: push-args: --set-upstream --force origin flake-lock build-full-at-once: needs: build-minimal runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 # needed to access ghostty repo for now - name: Setup SSH uses: MrSquaare/ssh-setup-action@v3 with: host: github.com private-key: ${{ secrets.SSH_PRIVATE_KEY }} - uses: daylin-bot/actions/setup@main - uses: ./.github/actions/nix with: attic_token: ${{ secrets.ATTIC_TOKEN }} # clean: true btrfs: true - name: Pre-build oizys run: nix build . - name: Build run: > nix run . -- build "$(nix run . -- output --host,=othalan,algiz,mannaz,naudiz --flake .)" --flake . --debug -- --keep-going --no-link - run: git show origin/flake-lock:flake.lock > updated.lock - name: Pre-build oizys run: nix build . --reference-lock-file updated.lock - name: Build Updated run: > nix run . -- build "$(nix run . -- output --host,=othalan,algiz,mannaz,naudiz --flake .)" --flake . --debug -- --keep-going --no-link --reference-lock-file updated.lock - run: | for host in othalan algiz mannaz naudiz; do for rev in current updated; do args="\"$(nix run . -- output --host $host)\" --out-link \"${host}-${rev}\"" [[ "$rev" == "updated" ]] && args="$args --reference-lock-file updated.lock" nix build $args done done - run: ls # - run: | # echo "# System Diff" >> $GITHUB_STEP_SUMMARY # nix run "nixpkgs#nvd" -- --color always diff ./current ./updated >> summary.md # printf '```\n%s\n```\n' "$(nix run "nixpkgs#nvd" -- diff ./current ./updated)" >> $GITHUB_STEP_SUMMARY # - run: df -h # - uses: actions/upload-artifact@v4 # with: # name: ${{ matrix.host }}-summary # path: summary.md # build-full: needs: build-minimal runs-on: ubuntu-latest strategy: fail-fast: false matrix: host: - othalan - algiz - mannaz - naudiz steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 # needed to access ghostty repo for now - name: Setup SSH uses: MrSquaare/ssh-setup-action@v3 with: host: github.com private-key: ${{ secrets.SSH_PRIVATE_KEY }} - uses: daylin-bot/actions/setup@main - uses: ./.github/actions/nix with: attic_token: ${{ secrets.ATTIC_TOKEN }} clean: true btrfs: true - name: Pre-build oizys run: nix build . - name: Build run: > nix run . -- build "$(nix run . -- output --host "${{ matrix.host }}" --flake .)" --flake . --debug -- --keep-going --out-link current - run: git checkout flake-lock - name: Pre-build oizys run: nix build . - name: Build Updated run: > nix run . -- build "$(nix run . -- output --host "${{ matrix.host }}" --flake .)" --flake . --debug -- --keep-going --out-link updated - run: | echo "# System Diff" >> $GITHUB_STEP_SUMMARY nix run "nixpkgs#nvd" -- --color always diff ./current ./updated >> summary.md printf '```\n%s\n```\n' "$(nix run "nixpkgs#nvd" -- diff ./current ./updated)" >> $GITHUB_STEP_SUMMARY - run: df -h - uses: actions/upload-artifact@v4 with: name: ${{ matrix.host }}-summary path: summary.md