mirror of
https://github.com/harivansh-afk/nix.git
synced 2026-04-20 01:00:31 +00:00
Harivansh Rathi
0aab0a4d61
- remove macOS-era `sudo mkdir /Users/rathi/...` shim steps from flake-check and nix-format (Linux runner, paths don't exist, gitea-runner has no sudo) - deploy-netty now runs `sudo nixos-rebuild switch --flake .#netty` directly on the runner (it *is* netty), no SSH, no `just switch-netty` - grant gitea-runner NOPASSWD sudo for nixos-rebuild only - apply current nixfmt to home/scripts.nix, hermes-gateway.nix, devshells.nix Made-with: Cursor
64 lines
1.4 KiB
YAML
64 lines
1.4 KiB
YAML
name: quality
|
|
|
|
on:
|
|
pull_request:
|
|
branches: [main]
|
|
push:
|
|
branches: [main]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
changes:
|
|
runs-on: native
|
|
outputs:
|
|
quality: ${{ steps.filter.outputs.quality }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dorny/paths-filter@v3
|
|
id: filter
|
|
with:
|
|
filters: |
|
|
quality:
|
|
- "**/*.nix"
|
|
- "flake.lock"
|
|
- "flake.nix"
|
|
- "justfile"
|
|
- "ci/**"
|
|
- "config/**"
|
|
- "scripts/**"
|
|
- ".github/workflows/**"
|
|
|
|
flake-check:
|
|
name: Flake Check
|
|
runs-on: native
|
|
needs: changes
|
|
if: ${{ needs.changes.outputs.quality == 'true' }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- run: nix flake check
|
|
|
|
nix-format:
|
|
name: Nix Format Check
|
|
runs-on: native
|
|
needs: changes
|
|
if: ${{ needs.changes.outputs.quality == 'true' }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- run: nix fmt -- --ci
|
|
|
|
deploy-netty:
|
|
name: Deploy netty
|
|
runs-on: native
|
|
needs: [changes, flake-check, nix-format]
|
|
if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && needs.changes.outputs.quality == 'true' }}
|
|
concurrency:
|
|
group: deploy-netty
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Rebuild netty
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
sudo nixos-rebuild switch --flake ".#netty"
|