NixOS/.gitea/workflows/weekly-build-cache.yml

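# Scheduled job that refreshes flake.lock, builds the flake outputs listed
# below, pushes the results to the "servidos" Attic cache and, when the lock
# file changed, commits it to main and tags the run.
name: Weekly NixOS Build & Cache

on:
  schedule:
    # 09:30 on days 1 and 5 (Monday and Friday): the job runs twice a week
    # despite the "weekly" name.
    - cron: "30 09 * * 1,5"
  workflow_dispatch: # Allow manual trigger

jobs:
  build-and-cache:
    runs-on: nixos
    steps:
      - name: Checkout repository
        # NOTE(review): v4 is a mutable tag. Pinning to a reviewed full commit
        # SHA keeps a retagged action from running with the token below.
        uses: actions/checkout@v4
        with:
          # The later `git push` steps presumably rely on checkout persisting
          # this credential in the working copy's git config. Everything that
          # runs in between (flake update, builds) shares that working copy,
          # so scope the token to write access on this repository only.
          token: ${{ secrets.GITEA_TOKEN }}

      - name: Configure Git for automated commits
        run: |
          git config user.name "NixOS Builder Bot"
          git config user.email "noreply@servidos.lat"

      - name: Update flake inputs
        # Moves every flake input to its newest upstream revision. The steps
        # below build that revision and push the new lock straight to main, so
        # no human reviews the input changes before they land.
        run: |
          nix flake update

      - name: Check for changes
        id: check_changes
        # Sets the step output `changes` to true/false; every later mutating
        # step is gated on it.
        # NOTE(review): confirm this runner exports GITEA_OUTPUT (upstream
        # Actions runners document GITHUB_OUTPUT).
        run: |
          if git diff --quiet flake.lock; then
            echo "changes=false" >> "$GITEA_OUTPUT"
            echo "No changes in flake.lock"
          else
            echo "changes=true" >> "$GITEA_OUTPUT"
            echo "Changes detected in flake.lock"
          fi

      - name: Configure Attic cache
        if: steps.check_changes.outputs.changes == 'true'
        env:
          # Passed through the environment instead of being spliced into the
          # script text, so the secret's contents are never parsed as shell.
          ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
        run: |
          # Configure attic client to use your cache server.
          # Plain HTTP is tolerable here only because the endpoint is loopback.
          # NOTE(review): `attic login` presumably stores the token in the
          # client's config; on a persistent runner it would outlive the job.
          attic login servidos http://127.0.0.1:2343 "$ATTIC_TOKEN"

      - name: Build workstation configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building workstation configuration..."
          nix build .#nixosConfigurations.workstation.config.system.build.toplevel --quiet

      - name: Build server configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building server configuration..."
          nix build .#nixosConfigurations.server.config.system.build.toplevel --quiet

      - name: Build emacs-vm configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building emacs-vm configuration..."
          nix build .#emacs-vm --quiet

      - name: Push to cache
        if: steps.check_changes.outputs.changes == 'true'
        # Best effort by design: a failed push must not block the lock commit.
        continue-on-error: true
        run: |
          echo "Pushing builds to cache..."

          # Run the given command up to five times, two seconds apart.
          # The arguments are executed as an argv ("$@"); nothing is
          # re-parsed through eval, so path contents cannot become shell code.
          retry_attic_push() {
            local max_attempts=5
            local attempt=1
            local exit_code
            while [ "$attempt" -le "$max_attempts" ]; do
              echo "Attempt $attempt/$max_attempts: $*"
              if "$@"; then
                echo "✓ Successfully pushed to cache on attempt $attempt"
                return 0
              else
                exit_code=$?
                echo "✗ Attempt $attempt failed with exit code $exit_code"
                if [ "$attempt" -lt "$max_attempts" ]; then
                  echo "Waiting 2 seconds before retry..."
                  sleep 2
                fi
                attempt=$((attempt + 1))
              fi
            done
            echo "⚠️ Failed to push to cache after $max_attempts attempts. Continuing anyway..."
            return 0 # Don't fail the pipeline
          }

          # Resolve one flake output to its store paths and push them.
          # The outputs were built by the earlier steps, so `nix build` only
          # has to print the paths; a failure here yields no paths and the
          # push is skipped.
          push_flake_output() {
            local installable="$1"
            local built
            local -a out_paths=()
            built=$(nix build "$installable" --print-out-paths 2>/dev/null || echo "")
            if [ -n "$built" ]; then
              mapfile -t out_paths <<< "$built"
              retry_attic_push attic push servidos:nixos "${out_paths[@]}"
            fi
          }

          # Push all built derivations to cache
          if ls result* 1> /dev/null 2>&1; then
            retry_attic_push attic push servidos:nixos result*
          fi

          # Push the specific system derivations we just built
          push_flake_output .#nixosConfigurations.workstation.config.system.build.toplevel
          push_flake_output .#nixosConfigurations.server.config.system.build.toplevel
          push_flake_output .#emacs-vm

      - name: Commit updated flake.lock
        if: steps.check_changes.outputs.changes == 'true'
        # Pushes directly to main using the credential from the checkout step.
        run: |
          git add flake.lock
          git commit -m "Weekly flake update: $(date -u '+%Y-%m-%d %H:%M UTC')"
          git push origin main

      - name: Create release tag
        if: steps.check_changes.outputs.changes == 'true'
        # The tag name carries only the UTC date, so a second changed run on
        # the same day (e.g. a manual dispatch) fails here on the existing tag.
        run: |
          TAG_NAME="weekly-$(date -u '+%Y-%m-%d')"
          git tag -a "$TAG_NAME" -m "Weekly build and cache update for $(date -u '+%Y-%m-%d')"
          git push origin "$TAG_NAME"

      - name: Summary
        env:
          # Step output read from the environment rather than interpolated
          # into the script body.
          FLAKE_CHANGED: ${{ steps.check_changes.outputs.changes }}
        # The cache push is continue-on-error and its retry helper returns 0,
        # so the "Pushed builds" line prints even when every push failed;
        # check the "Push to cache" log before trusting the cache contents.
        run: |
          if [[ "$FLAKE_CHANGED" == "true" ]]; then
            echo "✅ Weekly build completed successfully!"
            echo "- Updated flake.lock"
            echo "- Built workstation and server configurations"
            echo "- Pushed builds to Atticd cache"
            echo "- Committed changes and created release tag"
          else
            echo " No updates needed - flake.lock is already up to date"
          fi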