diff --git a/.github/workflows/cache-merge.yml b/.github/workflows/cache-merge.yml new file mode 100644 index 0000000..b6e84b6 --- /dev/null +++ b/.github/workflows/cache-merge.yml @@ -0,0 +1,86 @@ +name: Nix CI +on: + push: + # don't run on tags, run on commits + # https://github.com/orgs/community/discussions/25615 + tags-ignore: + - "**" + branches: + - main + merge_group: + schedule: + - cron: 0 0 * * * + workflow_dispatch: + +jobs: + # Merge similar `individual` caches + # Purge `individual` caches and old `common` caches + # Save new `common` caches + merge-similar-caches: + name: Merge similar caches + strategy: + matrix: + os: + - [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Checkout this repo + uses: actions/checkout@v4 + + - name: Install nix + uses: https://github.com/DeterminateSystems/nix-installer-action@main + + - uses: nix-community/cache-nix-action@v6 + name: create and purge common cache + with: + primary-key: similar-cache-${{ matrix.os }}-common-${{ hashFiles('flake.lock') }} + # if no hit on the primary key, restore individual caches that match `ci.yaml` + restore-prefixes-all-matches: | + similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # do purge caches + purge: true + # purge old versions of the `common` cache and any versions of individual caches + purge-prefixes: | + similar-cache-${{ matrix.os }}-common- + # created more than 0 seconds ago relative to the start of the `Post Restore` phase + purge-created: 0 + # except the version with the `primary-key`, if it exists + purge-primary-key: never + + - uses: nix-community/cache-nix-action@v6 + name: purge some individual caches + with: + primary-key: similar-cache-${{ matrix.os }}-common-${{ hashFiles('flake.lock') }} + # if no hit on the primary key, restore individual caches that match `ci.yaml` + restore-prefixes-all-matches: | + similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # do purge caches + purge: true + # purge old versions of the `common` cache and any versions of individual caches + purge-prefixes: | + similar-cache-${{ matrix.os }}-individual- + # created more than 0 seconds ago relative to the start of the `Post Restore` phase + purge-created: 259200 + # except the version with the `primary-key`, if it exists + purge-primary-key: never + + # Check that the `common` cache is restored correctly + merge-similar-caches-check: + name: Check a `common` cache is restored correctly + needs: merge-similar-caches + strategy: + matrix: + os: + - [ubuntu-latest] + runs-on: ${{ matrix.os }} + steps: + - name: Checkout this repo + uses: actions/checkout@v4 + + - name: Install nix + uses: https://github.com/DeterminateSystems/nix-installer-action@main + + - name: Restore Nix store + - uses: nix-community/cache-nix-action@v6 + with: + primary-key: similar-cache-${{ matrix.os }}-common-${{ hashFiles('flake.lock') }} diff --git a/.github/workflows/flake-health-checks.yml b/.github/workflows/flake-health-checks.yml index 4035df0..a3fc849 100644 --- a/.github/workflows/flake-health-checks.yml +++ b/.github/workflows/flake-health-checks.yml @@ -15,6 +15,16 @@ jobs: os: [ubuntu-latest] steps: - uses: DeterminateSystems/nix-installer-action@main + + - name: Restore Nix store + id: restore + uses: nix-community/cache-nix-action@v6 + with: + # save a new cache every time `ci.yaml` changes + primary-key: similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # otherwise, restore a common cache if and only if it matches the current `ci.yaml` + restore-prefixes-first-match: similar-cache-${{ matrix.os }}-common- + - name: Setup Attic cache uses: ryanccn/attic-action@v0 with: @@ -22,9 +32,13 @@ jobs: cache: ${{ secrets.ATTIC_CACHE }} token: ${{ secrets.ATTIC_TOKEN }} skip-push: "true" + - uses: actions/checkout@v4 + - run: nix flake check --accept-flake-config + - run: nix ./utils/attic-push.bash + build-checks: name: "Build nix outputs" runs-on: ${{ matrix.os }} @@ -33,6 +47,16 @@ jobs: os: [ubuntu-latest] steps: - uses: DeterminateSystems/nix-installer-action@main + + - name: Restore Nix store + id: restore + uses: nix-community/cache-nix-action@v6 + with: + # save a new cache every time `ci.yaml` changes + primary-key: similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # otherwise, restore a common cache if and only if it matches the current `ci.yaml` + restore-prefixes-first-match: similar-cache-${{ matrix.os }}-common- + - name: Setup Attic cache uses: ryanccn/attic-action@v0 with: @@ -40,9 +64,27 @@ jobs: cache: ${{ secrets.ATTIC_CACHE }} token: ${{ secrets.ATTIC_TOKEN }} skip-push: "true" + - uses: actions/checkout@v4 + - name: Build all outputs run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build . + - name: Push to Attic run: nix ./utils/attic-push.bash continue-on-error: true + + - name: Save Nix store + if: steps.restore.outputs.hit == 'false' + uses: nix-community/cache-nix-action@v6 + with: + # save a new cache every time `ci.yaml` changes + primary-key: similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # do purge caches + purge: true + # purge all versions of the individual cache + purge-prefixes: similar-cache-${{ matrix.os }}-individual- + # created more than 0 seconds ago relative to the start of the `Post Restore` phase + purge-created: 0 + # except the version with the `primary-key`, if it exists + purge-primary-key: never diff --git a/.github/workflows/flake-update.yml b/.github/workflows/flake-update.yml index 4c26304..4183801 100644 --- a/.github/workflows/flake-update.yml +++ b/.github/workflows/flake-update.yml @@ -5,68 +5,25 @@ on: schedule: - cron: "00 12 * * *" jobs: - createPullRequest: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - # - name: Login to Docker Hub - # uses: docker/login-action@v3 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Install Nix - uses: cachix/install-nix-action@v24 - with: - extra_nix_config: | - experimental-features = nix-command flakes auto-allocate-uids configurable-impure-env - - name: Calculate pre-drv - run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build . - # - name: Pull latest docker images - # run: nix ./utils/fetch-docker.sh - - name: Update flake.lock (part 1) - run: nix flake update - - name: Calculate post-drv - run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build . - # - name: Calculate diff - # run: nix ./utils/diff-evals.sh - # - name: Read diff into environment - # run: | - # delimiter="$(openssl rand -hex 8)" - # { - # echo "POSTDIFF<<${delimiter}" - # cat post-diff - # echo "${delimiter}" - # } >> $GITHUB_ENV - - - # - name: Restore flake.lock for next step - # run: git restore flake.lock - # - name: Update flake.lock - # id: update - # uses: DeterminateSystems/update-flake-lock@main - # with: - # token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} - # pr-body: | - # Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action. - - # ``` - # {{ env.GIT_COMMIT_MESSAGE }} - # ``` - - # ``` - # {{ env.POSTDIFF }} - # ``` - # pr-labels: | # Labels to be set on the PR - # dependencies - # automated update_lockfile: runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' # ensure workflow_dispatch only runs on main steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Install nix uses: https://github.com/DeterminateSystems/nix-installer-action@main + + - name: Restore Nix store + id: restore + uses: nix-community/cache-nix-action@v6 + with: + # save a new cache every time `ci.yaml` changes + primary-key: similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # otherwise, restore a common cache if and only if it matches the current `ci.yaml` + restore-prefixes-first-match: similar-cache-${{ matrix.os }}-common- + - name: Setup Attic cache uses: ryanccn/attic-action@v0 with: @@ -74,8 +31,10 @@ jobs: cache: ${{ secrets.ATTIC_CACHE }} token: ${{ secrets.ATTIC_TOKEN }} skip-push: "true" + - name: Get pre-snapshot of evaluations run: nix ./utils/eval-to-drv.sh pre + - name: Update flake.lock id: update run: | @@ -90,10 +49,13 @@ jobs: echo "EOF" >> $GITHUB_ENV rm update.log + - name: Get post-snapshot of evaluations run: nix ./utils/eval-to-drv.sh post + - name: Calculate diff run: nix ./utils/diff-evals.sh + - name: Read diff into environment run: | delimiter="$(openssl rand -hex 8)" @@ -102,6 +64,7 @@ jobs: cat post-diff echo "${delimiter}" } >> $GITHUB_ENV + - name: Write PR body template uses: https://github.com/DamianReeves/write-file-action@v1.3 with: @@ -128,6 +91,7 @@ jobs: with: files: "pr_body.template" output-filename: "pr_body.md" + - name: Save PR body id: pr_body uses: juliangruber/read-file-action@v1 @@ -161,9 +125,25 @@ jobs: pr-labels: | # Labels to be set on the PR dependencies automated + - name: Push to Attic run: nix ./utils/attic-push.bash continue-on-error: true + + - name: Save Nix store + uses: nix-community/cache-nix-action@v6 + with: + # save a new cache every time `ci.yaml` changes + primary-key: similar-cache-${{ matrix.os }}-individual-${{ hashFiles('flake.lock', '*.nix') }} + # do purge caches + purge: true + # purge all versions of the individual cache + purge-prefixes: similar-cache-${{ matrix.os }}-individual- + # created more than 0 seconds ago relative to the start of the `Post Restore` phase + purge-created: 0 + # except the version with the `primary-key`, if it exists + purge-primary-key: never + - name: Print PR number run: | echo "Pull request number is ${{ steps.create-pull-request.outputs.pull-request-number }}."