add deploy-rs and workflow

2024-01-19 00:45:43 +01:00 · 2024-01-19 00:45:43 +01:00 · a7076e8074
commit a7076e8074
parent ab0244aeb3
5 changed files with 148 additions and 24 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -0,0 +1,66 @@
+name: nix ci
+
+on:
+  push:
+
+jobs:
+  eval:
+    name: eval flake
+    runs-on: ubuntu-latest
+
+    outputs:
+      matrix: ${{ steps.eval.outputs.matrix }}
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@v9
+
+      - name: evaluate packages
+        id: eval
+        run: echo "matrix=$(nix eval --json .#ghaMatrix)" >> "$GITHUB_OUTPUT"
+
+  build:
+    needs: eval
+    strategy:
+      matrix: ${{ fromJson(needs.eval.outputs.matrix) }}
+
+    name: build ${{ matrix.pkg }}
+    runs-on: ${{ matrix.os }}
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@v9
+
+      - name: setup cachix
+        uses: cachix/cachix-action@v13
+        with:
+          name: uku3lig
+          authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
+
+      - name: build
+        run: nix build -L --accept-flake-config .#${{ matrix.pkg }}
+
+  deploy:
+    needs: build
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@v9
+
+      - name: connect to tailscale
+        uses: tailscale/github-action@v2
+        with:
+          oauth-client-id: ${{ secrets.TS_CLIENT_ID }}
+          oauth-secret: ${{ secrets.TS_OAUTH_SECRET }}
+          tags: tag:gha
+
+      - name: copy known_hosts
+        run: |
+          set -eux
+
+          [ ! -d ~/.ssh ] && mkdir -p ~/.ssh
+          cp .known_hosts ~/.ssh/known_hosts
+
+      - name: deploy
+        run: nix run --inputs-from . 'nixpkgs#deploy-rs' -- -s