NixOS/.github/workflows/weekly-build-cache.yml
2025-09-27 21:04:50 -06:00


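# Weekly job: refresh the flake inputs, build every host configuration, publish
# the results to the Attic binary cache, then commit and tag the new flake.lock.
# Nothing after "Check for changes" runs unless flake.lock actually changed.
name: Weekly NixOS Build & Cache
on:
  schedule:
    # Run every Sunday at 2 AM UTC
    - cron: '0 2 * * 0'
  workflow_dispatch: # Allow manual trigger
jobs:
  build-and-cache:
    runs-on: nixos
    # Least privilege: the job only needs to push one commit and one tag.
    # NOTE(review): confirm the forge running this workflow honours
    # `permissions`; some Actions-compatible runners ignore the key.
    permissions:
      contents: write
    steps:
      # NOTE(review): `@v4` is a mutable tag. Pinning the action to a full
      # commit SHA keeps a retagged release from running in a job that holds
      # push credentials and the cache token.
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: Configure Git for automated commits
        run: |
          git config user.name "NixOS Builder Bot"
          git config user.email "noreply@servidos.lat"
      # NOTE(review): the inputs pulled here are built, pushed to the cache and
      # committed to main without a human reviewing the flake.lock diff.
      - name: Update flake inputs
        run: |
          nix flake update
      - name: Check for changes
        id: check_changes
        run: |
          if git diff --quiet flake.lock; then
            echo "changes=false" >> "$GITHUB_OUTPUT"
            echo "No changes in flake.lock"
          else
            echo "changes=true" >> "$GITHUB_OUTPUT"
            echo "Changes detected in flake.lock"
          fi
      - name: Configure Attic cache
        if: steps.check_changes.outputs.changes == 'true'
        # Hand the secret over through the environment instead of expanding it
        # into the script text: the token then never appears in the generated
        # script, and shell metacharacters in it cannot alter the command.
        env:
          ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }}
        run: |
          # Configure attic client to use your cache server
          # NOTE(review): `attic login` presumably persists the token in the
          # client config; verify it is cleaned up if this runner is long-lived.
          attic login jawz-cache https://cache.servidos.lat "$ATTIC_TOKEN"
      - name: Build workstation configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building workstation configuration..."
          nix build .#nixosConfigurations.workstation.config.system.build.toplevel --print-build-logs
      - name: Build miniserver configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building miniserver configuration..."
          nix build .#nixosConfigurations.miniserver.config.system.build.toplevel --print-build-logs
      - name: Build server configuration
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          echo "Building server configuration..."
          nix build .#nixosConfigurations.server.config.system.build.toplevel --print-build-logs
      - name: Push to cache
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          # Without pipefail a failing `nix build` on the left of a pipe is
          # masked by the exit status of `attic push`, and the job would go on
          # to commit and tag a lock file whose closure was never published.
          set -o pipefail
          echo "Pushing builds to cache..."
          # Push all built derivations to cache
          if ls result* 1> /dev/null 2>&1; then
            attic push jawz-cache result*
          fi
          # Push the specific system derivations we just built
          nix build .#nixosConfigurations.workstation.config.system.build.toplevel --print-out-paths | attic push jawz-cache --stdin
          nix build .#nixosConfigurations.miniserver.config.system.build.toplevel --print-out-paths | attic push jawz-cache --stdin
          nix build .#nixosConfigurations.server.config.system.build.toplevel --print-out-paths | attic push jawz-cache --stdin
      - name: Commit updated flake.lock
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          git add flake.lock
          git commit -m "Weekly flake update: $(date -u '+%Y-%m-%d %H:%M UTC')"
          git push origin main
      - name: Create release tag
        if: steps.check_changes.outputs.changes == 'true'
        run: |
          TAG_NAME="weekly-$(date -u '+%Y-%m-%d')"
          git tag -a "$TAG_NAME" -m "Weekly build and cache update for $(date -u '+%Y-%m-%d')"
          git push origin "$TAG_NAME"
      # No `if:` here, so this step is reached only when every earlier step
      # succeeded; a failed run prints no summary.
      - name: Summary
        run: |
          if [[ "${{ steps.check_changes.outputs.changes }}" == "true" ]]; then
            echo "✅ Weekly build completed successfully!"
            echo "- Updated flake.lock"
            echo "- Built all NixOS configurations"
            echo "- Pushed builds to Atticd cache"
            echo "- Committed changes and created release tag"
          else
            echo " No updates needed - flake.lock is already up to date"
          fi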