From 9de9cdeab379c7aee3ec9dcc5755abb246bb6fdc Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Sat, 25 Jan 2025 22:31:01 -0500 Subject: [PATCH] add attic action, attic token script Signed-off-by: ahuston-0 --- .github/workflows/flake-health-checks.yml | 7 ++++- .github/workflows/flake-update.yml | 7 ++++- .github/workflows/nix-fmt.yml | 7 ++++- utils/attic-token.bash | 31 +++++++++++++++++++++++ 4 files changed, 49 insertions(+), 3 deletions(-) create mode 100644 utils/attic-token.bash diff --git a/.github/workflows/flake-health-checks.yml b/.github/workflows/flake-health-checks.yml index 6fd56c1..d7445a7 100644 --- a/.github/workflows/flake-health-checks.yml +++ b/.github/workflows/flake-health-checks.yml @@ -15,6 +15,11 @@ jobs: os: [ubuntu-latest] steps: - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Setup Attic cache + uses: ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} - uses: actions/checkout@v4 - run: nix flake check --accept-flake-config diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml index cdc8180..394ce9d 100644 --- a/.github/workflows/flake-update.yml +++ b/.github/workflows/flake-update.yml @@ -21,7 +21,12 @@ jobs: extra_nix_config: | experimental-features = nix-command flakes install_url: https://releases.nixos.org/nix/nix-2.19.0/install - - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Setup Attic cache + uses: ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} - name: Calculate pre-drv run: nix ./utils/eval-to-drv.sh pre # - name: Pull latest docker images diff --git a/.github/workflows/nix-fmt.yml b/.github/workflows/nix-fmt.yml index 374ea92..e2c2e3e 100644 --- a/.github/workflows/nix-fmt.yml +++ b/.github/workflows/nix-fmt.yml @@ -12,6 +12,11 @@ jobs: runs-on: ubuntu-latest steps: - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Setup Attic cache + uses: ryanccn/attic-action@v0 + with: + endpoint: ${{ secrets.ATTIC_ENDPOINT }} + cache: ${{ secrets.ATTIC_CACHE }} + token: ${{ secrets.ATTIC_TOKEN }} - uses: actions/checkout@v4 - run: nix fmt -- --check . diff --git a/utils/attic-token.bash b/utils/attic-token.bash new file mode 100644 index 0000000..ff7f8fd --- /dev/null +++ b/utils/attic-token.bash @@ -0,0 +1,31 @@ +#!/usr/bin/env bash + +cache="" +cache_pattern="" +token_type="" + +case $token_type in + "cache-creator") + atticd-atticadm make-token --sub "$cache-cache-creator" --validity "1y" \ + --pull "$cache_pattern" --push "$cache_pattern" --delete "$cache_pattern" \ + --create-cache "$cache_pattern" --configure-cache "$cache_pattern" \ + --configure-cache-retention "$cache_pattern" --destroy-cache "$cache_pattern" + ;; + "admin") + atticd-atticadm make-token --sub "$cache-admin" --validity "1y" --pull "$cache_pattern" \ + --push "$cache_pattern" --configure-cache "$cache_pattern" \ + --configure-cache-pattern "$cache_pattern" + ;; + "writer") + atticd-atticadm make-token --sub "$cache-writer" --validity "1y" --pull "$cache_pattern" \ + --push "$cache_pattern" + ;; + "reader") + atticd-atticadm make-token --sub "$cache-reader" --validity "1y" --pull "$cache_pattern" + ;; + *) + echo "invalid token type: $token_type" + echo "available options: cache-creator, admin, writer, reader" + exit 1 + ;; +esac