name: CI on: pull_request: push: branches: [main] jobs: build: name: Build runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@main - uses: DeterminateSystems/magic-nix-cache-action@main - name: Check shell scripts run: | nix develop --command shellcheck ./.github/workflows/cache-test.sh - uses: DeterminateSystems/nix-installer-action@main - name: Install pnpm dependencies run: nix develop --command pnpm install - name: Check formatting run: nix develop --command pnpm run check-fmt - name: Lint run: nix develop --command pnpm run lint - name: Build run: nix develop --command pnpm run build - name: Package run: nix develop --command pnpm run package - run: git status --porcelain=v1 - run: git diff --exit-code test-no-nix: name: "Test: Nix not installed" runs-on: ubuntu-22.04 permissions: id-token: "write" contents: "read" env: ACTIONS_STEP_DEBUG: true steps: - uses: actions/checkout@v4 - name: Cache the store uses: ./ with: strict-mode: true run-x86_64-linux-untrusted: name: Run x86_64 Linux, Untrusted runs-on: ubuntu-22.04 permissions: id-token: "write" contents: "read" env: ACTIONS_STEP_DEBUG: true steps: - uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: flakehub: true extra-conf: | narinfo-cache-negative-ttl = 0 trusted-users = root - name: Cache the store uses: ./ with: strict-mode: true - name: Check the cache isn't enabled run: | [ $(nix config show substituters) == "https://cache.nixos.org/" ] run-x86_64-linux: name: Run x86_64 Linux runs-on: ubuntu-22.04 permissions: id-token: "write" contents: "read" env: ACTIONS_STEP_DEBUG: true steps: - uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: flakehub: true extra-conf: | narinfo-cache-negative-ttl = 0 - name: Cache the store uses: ./ with: strict-mode: true - name: Check the cache for liveness run: | .github/workflows/cache-test.sh run-x86_64-darwin: name: Run x86_64 Darwin runs-on: macos-12 permissions: id-token: "write" contents: "read" env: ACTIONS_STEP_DEBUG: true steps: - uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: flakehub: true extra-conf: | narinfo-cache-negative-ttl = 0 - name: Cache the store uses: ./ with: strict-mode: true - name: Check the cache for liveness run: | .github/workflows/cache-test.sh run-aarch64-darwin: name: Run aarch64 Darwin concurrency: build-ARM64-macOS runs-on: macos-latest-xlarge permissions: id-token: "write" contents: "read" env: ACTIONS_STEP_DEBUG: true steps: - uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: flakehub: true extra-conf: | narinfo-cache-negative-ttl = 0 - name: Cache the store uses: ./ with: strict-mode: true - name: Check the cache for liveness run: | .github/workflows/cache-test.sh