Add support for nix store remote copying #892
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous integration | |
on: | |
push: | |
branches: master | |
pull_request: | |
branches: master | |
workflow_dispatch: # allows manual triggering | |
jobs: | |
cancel-running-workflows: | |
name: Cancel running workflows | |
runs-on: ubuntu-latest | |
steps: | |
- name: cancel running workflows | |
uses: styfle/cancel-workflow-action@0.11.0 | |
with: | |
access_token: ${{ github.token }} | |
test-nixpkgs: | |
name: Build & Test - Nixpkgs - ${{ matrix.bzlmodEnabled && 'bzlmod' || 'workspace' }} ${{ matrix.withNixRemote && '- NixRemote' || '' }} - ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-11 | |
bzlmodEnabled: | |
- true | |
- false | |
withNixRemote: | |
- true | |
- false | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3.6.0 | |
- uses: cachix/install-nix-action@v22 | |
with: | |
nix_path: nixpkgs=./docs/nixpkgs.nix | |
- name: Configure | |
env: | |
BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
run: | | |
cp .bazelrc.ci $HOME/.bazelrc | |
if [ -z "$BUILDBUDDY_API_KEY" ]; then | |
cache_setting='build --noremote_upload_local_results' | |
else | |
cache_setting="build --remote_header=x-buildbuddy-api-key=$BUILDBUDDY_API_KEY" | |
fi | |
cat >>$HOME/.bazelrc <<EOF | |
common --config=ci | |
$cache_setting | |
# no-op flag to avoid "ERROR: Config value 'ci' is not defined in any .rc file" | |
common:ci --announce_rc=false | |
EOF | |
- name: Start remote Nix server | |
if: matrix.withNixRemote && matrix.os == 'ubuntu-latest' | |
run: | | |
# Generate temporary SSH keys. | |
mkdir -p $HOME/.ssh | |
mkdir -p .github/nix-server/keys | |
ssh-keygen -t ed25519 -f .github/nix-server/keys/ci -C ci-nix-server -q -N "" | |
docker build -t nix-server -f .github/nix-server/Dockerfile . | |
docker run -d -p 2222:22 nix-server | |
cp .github/nix-server/keys/* $HOME/.ssh/ | |
sudo cp .github/nix-server/config /etc/ssh/ssh_config | |
- name: Build & test | |
env: | |
BZLMOD_ENABLED: ${{ matrix.bzlmodEnabled }} | |
NIX_REMOTE_ENABLED: matrix.withNixRemote && matrix.os == 'ubuntu-latest' | |
run: | | |
if [ "$NIX_REMOTE_ENABLED" = "true" ]; then | |
echo "Setting BAZEL_NIX_REMOTE env variable" | |
export BAZEL_NIX_REMOTE=nix-server | |
fi | |
nix-shell --pure \ | |
--keep GITHUB_REPOSITORY \ | |
--keep BZLMOD_ENABLED \ | |
--keep BAZEL_NIX_REMOTE \ | |
--run 'bash .github/build-and-test' | |
test-examples: | |
name: Build & Test - Examples | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- ubuntu-latest | |
- macos-11 | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3.6.0 | |
- uses: cachix/install-nix-action@v22 | |
with: | |
nix_path: nixpkgs=./nixpkgs.nix | |
- name: Configure | |
env: | |
BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
run: | | |
cp .bazelrc.ci $HOME/.bazelrc | |
cp .bazelrc.ci $HOME/.bazelrc | |
if [ -z "$BUILDBUDDY_API_KEY" ]; then | |
cache_setting='build --noremote_upload_local_results' | |
else | |
cache_setting="build --remote_header=x-buildbuddy-api-key=$BUILDBUDDY_API_KEY" | |
fi | |
cat >>$HOME/.bazelrc <<EOF | |
common --config=ci | |
$cache_setting | |
# no-op flag to avoid "ERROR: Config value 'ci' is not defined in any .rc file" | |
common:ci --announce_rc=false | |
EOF | |
- name: Build & test | |
run: | | |
skip() { | |
echo "Will skip $(head -n1 $2/README.md) ${1%_nix} Nix" | |
local p="$1[@]" | |
read -a ${1} <<< $(echo ${!p//$2}) | |
} | |
pushd examples/cc-template | |
echo | |
echo "::group::Running $(head -n1 README.md) with Nix" | |
nix develop --command bazel run //src:hello-world | |
popd | |
pushd examples/toolchains | |
with_nix=( $(ls) ) | |
without_nix=( cc go java ) | |
for dir in "${with_nix[@]}"; do | |
pushd "$dir" | |
echo | |
example_name="$(head -n1 README.md) with Nix" | |
if [[ -f skip-on-ci ]]; then | |
echo "Skipping $example_name" | |
popd | |
continue | |
else | |
echo "::group::Running $example_name" | |
nix-shell --command 'bazel run --config=nix :hello' | |
# TODO: all toolchains should run without Nixpkgs | |
fi | |
popd | |
done | |
for dir in "${without_nix[@]}"; do | |
pushd "$dir" | |
echo | |
echo "::group::Running $(head -n1 README.md) without Nix" | |
bazel run :hello | |
popd | |
done | |
popd | |
if [[ ${{ matrix.os }} = ubuntu* ]]; then | |
pushd examples/python-container | |
echo | |
echo "::group::Running $(head -n1 README.md) with Nix" | |
nix-shell --command 'bazel build :hello_image' | |
popd | |
pushd examples/flakes | |
echo | |
echo "::group::Running $(head -n1 README.md) with Nix" | |
nix-shell --command 'bazel run --crosstool_top=@nixpkgs_config_cc//:toolchain :hello' | |
popd | |
fi |