add attic action, attic token script

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
2025-01-25 22:31:01 -05:00 · 2025-01-25 22:31:01 -05:00 · 9de9cdeab3
commit 9de9cdeab3
parent 32190dec68
4 changed files with 49 additions and 3 deletions
--- a/.github/workflows/flake-health-checks.yml
+++ b/.github/workflows/flake-health-checks.yml
@ -15,6 +15,11 @@ jobs:
        os: [ubuntu-latest]
    steps:
      - uses: DeterminateSystems/nix-installer-action@main
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - name: Setup Attic cache
+        uses: ryanccn/attic-action@v0
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
      - uses: actions/checkout@v4
      - run: nix flake check --accept-flake-config
--- a/.github/workflows/flake-update.yml
+++ b/.github/workflows/flake-update.yml
@ -21,7 +21,12 @@ jobs:
          extra_nix_config: |
            experimental-features = nix-command flakes
          install_url: https://releases.nixos.org/nix/nix-2.19.0/install
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - name: Setup Attic cache
+        uses: ryanccn/attic-action@v0
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
      - name: Calculate pre-drv
        run: nix ./utils/eval-to-drv.sh pre
      # - name: Pull latest docker images
--- a/.github/workflows/nix-fmt.yml
+++ b/.github/workflows/nix-fmt.yml
@ -12,6 +12,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: DeterminateSystems/nix-installer-action@main
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - name: Setup Attic cache
+        uses: ryanccn/attic-action@v0
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
      - uses: actions/checkout@v4
      - run: nix fmt -- --check .
--- a/utils/attic-token.bash
+++ b/utils/attic-token.bash
@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+cache=""
+cache_pattern=""
+token_type=""
+
+case $token_type in
+    "cache-creator")
+        atticd-atticadm make-token --sub "$cache-cache-creator" --validity "1y" \
+            --pull "$cache_pattern" --push "$cache_pattern" --delete "$cache_pattern" \
+            --create-cache "$cache_pattern" --configure-cache "$cache_pattern" \
+            --configure-cache-retention "$cache_pattern" --destroy-cache "$cache_pattern"
+        ;;
+    "admin")
+        atticd-atticadm make-token --sub "$cache-admin" --validity "1y" --pull "$cache_pattern" \
+            --push "$cache_pattern" --configure-cache "$cache_pattern" \
+            --configure-cache-pattern "$cache_pattern"
+        ;;
+    "writer")
+        atticd-atticadm make-token --sub "$cache-writer" --validity "1y" --pull "$cache_pattern" \
+            --push "$cache_pattern"
+        ;;
+    "reader")
+        atticd-atticadm make-token --sub "$cache-reader" --validity "1y" --pull "$cache_pattern"
+        ;;
+    *)
+        echo "invalid token type: $token_type"
+        echo "available options: cache-creator, admin, writer, reader"
+        exit 1
+        ;;
+esac