Add github workflow

2025-02-27 11:41:50 +02:00 · 2025-02-27 11:41:50 +02:00 · f86077a635
commit f86077a635
parent 460ad8d057
4 changed files with 88 additions and 0 deletions
--- a/.github/actions/attic-cache-push/action.yml
+++ b/.github/actions/attic-cache-push/action.yml
@ -0,0 +1,33 @@
+name: "Attic Watch and Push"
+description: "Composite action that logs in, sets the cache repository, starts attic watch-store in the background, and pushes results after the job completes."
+
+inputs:
+  cache_name:
+    description: "Cache name for attic login"
+    required: true
+  server:
+    description: "Server URL for attic login"
+    required: true
+  attic_auth_token:
+    description: "Authentication token for attic login"
+    required: true
+  cache_repository:
+    description: "Cache repository to use with attic"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Attic Login
+      shell: "nix shell nixpkgs#attic-client --command {0}"
+      run: |
+        attic login "${{ inputs.cache_name }}" "${{ inputs.server }}" "${{ inputs.attic_auth_token }}"
+    - name: Attic Use Repository
+      shell: "nix shell nixpkgs#attic-client --command {0}"
+      run: |
+        attic use "${{ inputs.cache_repository }}"
+    - name: Start Attic Watch-Store in Background
+      shell: "nix shell nixpkgs#attic-client --command {0}"
+      run: |
+        # Start attic watch-store in the background
+        attic watch-store &
--- a/.github/actions/attic-cache/action.yml
+++ b/.github/actions/attic-cache/action.yml
@ -0,0 +1,15 @@
+name: "Attic Watch and Push"
+description: "Composite action pushes results after the job completes. Needs prior attic-cache action to have executed successfully."
+
+inputs:
+  cache_repository:
+    description: "Cache repository to use with attic"
+    required: true
+
+runs:
+  using: "composite"
+  steps:
+    - name: Attic Push Results
+      shell: "nix shell nixpkgs#attic-client --command {0}"
+      run: |
+        attic push "${{ inputs.cache_repository }}" "./result" # TODO: Make this smarter
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -0,0 +1,39 @@
+name: CI
+
+on:
+  push:
+
+jobs:
+  build:
+    runs-on: nix
+    steps:
+      - name: Initialize CI
+        uses: https://git.qo.is/qo.is/actions-nix-init@main
+        with:
+          token: ${{ secrets.CI_TOKEN }}
+          lfs: false
+
+      - name: Add submodules to nix store to circumvent another nix bug
+        run: |
+          git clone https://git.qo.is/fabianhauser/nix-config-private.git /tmp/private
+          cd /tmp/private
+          nix flake prefetch
+
+      - name: Setup Attic Watch and Push
+        uses: ./.github/actions/attic-cache
+        with:
+          cache_name: fabianhauser
+          server: https://attic.qo.is/
+          attic_auth_token: ${{ secrets.ATTIC_AUTH_TOKEN }}
+          cache_repository: fabianhauser:dotfiles
+
+      - name: Build
+        run: nix build --max-jobs 12 --cores 12
+
+      - name: Run Checks
+        run: nix flake check
+
+      - name: Setup Cache Push
+        uses: ./.github/actions/attic-cache-push
+        with:
+          cache_repository: fabianhauser:dotfiles
--- a/flake.nix
+++ b/flake.nix
@ -76,6 +76,7 @@
              inherit (pkgs)
                nixos-rebuild
                nixos-facter
+                attic-client
                sops
                ssh-to-age
                nixd