ci: github-actions-dhall
This commit is contained in:
parent
b37a16fc93
commit
6ae55b82b0
4 changed files with 80 additions and 20 deletions
38
.github/workflows/check.dhall
vendored
Normal file
38
.github/workflows/check.dhall
vendored
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
let GithubActions =
|
||||||
|
https://github.com/regadas/github-actions-dhall/raw/master/package.dhall
|
||||||
|
sha256:9c1ae46a1d56f1c22dbc9006cbb3e569806e75d02fded38fa102935b34980395
|
||||||
|
|
||||||
|
let NIX_CONFIG =
|
||||||
|
''
|
||||||
|
accept-flake-config = true
|
||||||
|
extra-experimental-features = flakes nix-command
|
||||||
|
''
|
||||||
|
|
||||||
|
let check =
|
||||||
|
GithubActions.Job::{
|
||||||
|
, runs-on = GithubActions.RunsOn.Type.ubuntu-latest
|
||||||
|
, steps =
|
||||||
|
[ GithubActions.Step::{ uses = Some "actions/checkout@v4" }
|
||||||
|
, GithubActions.Step::{
|
||||||
|
, uses = Some "DeterminateSystems/flake-checker-action@v5"
|
||||||
|
}
|
||||||
|
, GithubActions.Step::{
|
||||||
|
, uses = Some "DeterminateSystems/nix-installer-action@v11"
|
||||||
|
}
|
||||||
|
, GithubActions.Step::{
|
||||||
|
, uses = Some "DeterminateSystems/magic-nix-cache-action@v6"
|
||||||
|
}
|
||||||
|
, GithubActions.Step::{
|
||||||
|
, env = Some (toMap { NIX_CONFIG })
|
||||||
|
, run = Some "nix flake check --show-trace"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
in GithubActions.Workflow::{
|
||||||
|
, name = "check"
|
||||||
|
, on = GithubActions.On::{
|
||||||
|
, push = Some GithubActions.Push::{ paths = Some [ "**.nix", "**.lock" ] }
|
||||||
|
}
|
||||||
|
, jobs = toMap { check }
|
||||||
|
}
|
27
.github/workflows/check.yml
vendored
27
.github/workflows/check.yml
vendored
|
@ -1,14 +1,19 @@
|
||||||
on:
|
|
||||||
push:
|
|
||||||
paths: ["**.nix", "**.lock"]
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
check:
|
check:
|
||||||
runs-on: ubuntu-latest
|
"runs-on": "ubuntu-latest"
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4
|
- uses: "actions/checkout@v4"
|
||||||
- uses: DeterminateSystems/flake-checker-action@4b90f9fc724969ff153fe1803460917c84fe00a3 # v5
|
- uses: "DeterminateSystems/flake-checker-action@v5"
|
||||||
- uses: DeterminateSystems/nix-installer-action@main
|
- uses: "DeterminateSystems/nix-installer-action@v11"
|
||||||
- uses: DeterminateSystems/magic-nix-cache-action@main
|
- uses: "DeterminateSystems/magic-nix-cache-action@v6"
|
||||||
- run: nix flake check --show-trace --accept-flake-config
|
- env:
|
||||||
|
NIX_CONFIG: |
|
||||||
|
accept-flake-config = true
|
||||||
|
extra-experimental-features = flakes nix-command
|
||||||
|
run: "nix flake check --show-trace"
|
||||||
|
name: check
|
||||||
|
'on':
|
||||||
|
push:
|
||||||
|
paths:
|
||||||
|
- "**.nix"
|
||||||
|
- "**.lock"
|
||||||
|
|
11
flake.nix
11
flake.nix
|
@ -56,7 +56,7 @@
|
||||||
luacheck.enable = true;
|
luacheck.enable = true;
|
||||||
nil.enable = true;
|
nil.enable = true;
|
||||||
nixfmt.enable = true;
|
nixfmt.enable = true;
|
||||||
nixfmt.package = pkgs.nixfmt-rfc-style;
|
nixfmt.package = self'.formatter;
|
||||||
shellcheck.enable = true;
|
shellcheck.enable = true;
|
||||||
stylua.enable = true;
|
stylua.enable = true;
|
||||||
};
|
};
|
||||||
|
@ -67,13 +67,18 @@
|
||||||
RULES = "./home/secrets/secrets.nix";
|
RULES = "./home/secrets/secrets.nix";
|
||||||
buildInputs =
|
buildInputs =
|
||||||
(with pkgs; [
|
(with pkgs; [
|
||||||
|
dhall
|
||||||
|
dhall-lsp-server
|
||||||
|
dhall-yaml
|
||||||
just
|
just
|
||||||
nix-output-monitor
|
nix-output-monitor
|
||||||
nixd
|
nixd
|
||||||
nvd
|
nvd
|
||||||
self'.formatter
|
|
||||||
])
|
])
|
||||||
++ [ inputs'.agenix.packages.agenix ]
|
++ [
|
||||||
|
inputs'.agenix.packages.agenix
|
||||||
|
self'.formatter
|
||||||
|
]
|
||||||
++ lib.optionals pkgs.stdenv.isDarwin [ inputs'.darwin.packages.darwin-rebuild ];
|
++ lib.optionals pkgs.stdenv.isDarwin [ inputs'.darwin.packages.darwin-rebuild ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,11 +1,23 @@
|
||||||
{
|
{
|
||||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||||
"extends": [
|
"extends": ["config:best-practices", "schedule:weekly", ":automergeAll"],
|
||||||
"config:best-practices",
|
"github-actions": {
|
||||||
"schedule:weekly",
|
"enabled": false
|
||||||
":automergeAll"
|
},
|
||||||
],
|
|
||||||
"nix": {
|
"nix": {
|
||||||
"enabled": true
|
"enabled": true
|
||||||
}
|
},
|
||||||
|
"customManagers": [
|
||||||
|
{
|
||||||
|
"customType": "regex",
|
||||||
|
"fileMatch": [
|
||||||
|
"(^|/)(workflow-templates|\\.(?:github|gitea|forgejo)/(?:workflows|actions))/.+\\.dhall$",
|
||||||
|
"(^|/)action\\.dhall$"
|
||||||
|
],
|
||||||
|
"matchStrings": [
|
||||||
|
"GithubActions\\.Step::{[\\s,]*uses\\s?=\\s?Some\\s?\"(?<depName>.+)@(?<currentValue>.+)\""
|
||||||
|
],
|
||||||
|
"datasourceTemplate": "github-tags"
|
||||||
|
}
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue