aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTravis A. Everett <travis.a.everett@gmail.com>2021-02-25 16:12:51 -0600
committerTravis A. Everett <travis.a.everett@gmail.com>2021-02-26 16:14:06 -0600
commit12ec962dd8a6d8058ba11e517d74f6a07b3dc903 (patch)
treefdaa599e777433f9262159cc683b00b89fb88998
parentc189031e8be0530d73a817571ad7f81ad5eedce6 (diff)
simplify changing cachix cache for install tests
- convert cachix cache name from an env into a secret so it (along with the token/key) can be set once per fork - use CACHIX_AUTH_TOKEN in addition to CACHIX_SIGNING_KEY; it looks like cachix will try signing key first, then auth token.
-rw-r--r--.github/workflows/test.yml34
1 files changed, 22 insertions, 12 deletions
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index bde6106e0..2531a7d35 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -8,52 +8,62 @@ jobs:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
- env:
- CACHIX_NAME: nix-ci
+
steps:
- uses: actions/checkout@v2.3.4
with:
fetch-depth: 0
- uses: cachix/install-nix-action@v12
+ - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/cachix-action@v8
with:
name: '${{ env.CACHIX_NAME }}'
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+ authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
#- run: nix flake check
- run: nix-build -A checks.$(if [[ `uname` = Linux ]]; then echo x86_64-linux; else echo x86_64-darwin; fi)
+ check_cachix:
+ name: Cachix secret present for installer tests
+ runs-on: ubuntu-latest
+ outputs:
+ secret: ${{ steps.secret.outputs.secret }}
+ steps:
+ - name: Check for Cachix secret
+ id: secret
+ env:
+ _CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }}
+ run: echo "::set-output name=secret::${{ env._CACHIX_SECRETS != '' }}"
installer:
- if: github.event_name == 'push'
- needs: tests
+ needs: [tests, check_cachix]
+ if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
runs-on: ubuntu-latest
- env:
- CACHIX_NAME: nix-ci
outputs:
installerURL: ${{ steps.prepare-installer.outputs.installerURL }}
steps:
- uses: actions/checkout@v2.3.4
with:
fetch-depth: 0
+ - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@v12
- uses: cachix/cachix-action@v8
with:
name: '${{ env.CACHIX_NAME }}'
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+ authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- id: prepare-installer
run: scripts/prepare-installer-for-github-actions
installer_test:
- if: github.event_name == 'push'
- needs: installer
+ needs: [installer, check_cachix]
+ if: github.event_name == 'push' && needs.check_cachix.outputs.secret == 'true'
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
runs-on: ${{ matrix.os }}
- env:
- CACHIX_NAME: nix-ci
steps:
- uses: actions/checkout@v2.3.4
+ - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- uses: cachix/install-nix-action@master
with:
install_url: '${{needs.installer.outputs.installerURL}}'
- install_options: '--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve'
+ install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
- run: nix-instantiate -E 'builtins.currentTime' --eval
- \ No newline at end of file