aboutsummaryrefslogtreecommitdiff
path: root/.github/workflows/ci.yml
AgeCommit message (Collapse)Author
2023-02-28WIP: pin cachix actions to 2.13.3 to see if CI will passCole Helbling
2023-02-06Bump cachix/install-nix-action from 18 to 19dependabot[bot]
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 18 to 19. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v18...v19) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-10-31Bump cachix/cachix-action from 11 to 12dependabot[bot]
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 11 to 12. - [Release notes](https://github.com/cachix/cachix-action/releases) - [Commits](https://github.com/cachix/cachix-action/compare/v11...v12) --- updated-dependencies: - dependency-name: cachix/cachix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-10-19Bump cachix/cachix-action from 10 to 11dependabot[bot]
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 10 to 11. - [Release notes](https://github.com/cachix/cachix-action/releases) - [Commits](https://github.com/cachix/cachix-action/compare/v10...v11) --- updated-dependencies: - dependency-name: cachix/cachix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-10-17Bump cachix/install-nix-action from 17 to 18dependabot[bot]
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 17 to 18. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v17...v18) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-09-13Add installer_test matrix for shellsAna Hobden
Signed-off-by: Ana Hobden <operator@hoverbear.org>
2022-08-29Only push Docker image when Docker secrets are setMichael Hoang
2022-07-05Restrict the permissions of the CIThéophane Hufschmitt
2022-07-01chore: Set permissions for GitHub actionsnaveen
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-10Correctly get the nix version in the docker jobThéophane Hufschmitt
`defaultPackage` doesn't exist anymore, so we can't use it. Instead just use the new CLI which should be more robust to these changes Fix #6640
2022-05-09Bump docker/login-action from 1 to 2dependabot[bot]
Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-04-13Bump actions/checkout from 2 to 3dependabot[bot]
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-04-11build(deps): bump cachix/install-nix-action from 16 to 17dependabot[bot]
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2022-01-26Use the `nix` command (and flakes) in the CIregnat
Apart from a slight simplification and a bit of dogfooding, this also make the cache behavior more predictable. For example `nix build .` and `nix build nix/$(git rev-parse HEAD)` will yield the exact same path, while their “intuitive” non-flake equivalents (`nix-build` and `nix-build https://github.com/nixos/nix/archives/$(git rev-parse HEAD).tar.gz`) don’t. This was a pain for example in https://github.com/NixOS/nix/pull/5059 Also, the `bar-with-logs` log format is imho nicer (even in an non-interactive context) because prefixing each log line with the name of the derivation that produced it makes it much easier to follow what’s going on.
2022-01-21also tagging with latest commit with a `master` tagRok Garbas
2022-01-11Push docker image (only x86_64-linux right now) to hub.docker.comRok Garbas
2022-01-11Rename github workflow from Tests to CIRok Garbas