Skip to content

Migrate CI and dev environment to use a Nix flake #206

Migrate CI and dev environment to use a Nix flake

Migrate CI and dev environment to use a Nix flake #206

Workflow file for this run

name: CI
# Trigger the workflow on push or pull request, but only for the master branch
on:
pull_request:
push:
branches: [master]
tags:
- "v*"
workflow_dispatch:
# INFO: The following configuration block ensures that only one build runs per branch,
# which may be desirable for projects with a costly build process.
# Remove this block from the CI workflow to let each CI job run to completion.
concurrency:
group: build-${{ github.ref }}
cancel-in-progress: true
jobs:
lint:
name: General linting steps
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v27
- name: nix flake check
run: nix flake check
- name: treefmt - check format
run: nix fmt -- --ci
build:
name: Haskell build (GHC 9.6 - default env)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v27
- name: Build
run: nix develop --command bash -c "cabal build all"
- name: Run tests
run: nix develop --command bash -c "cabal test all"
- name: Check cabal file
run: nix develop --command bash -c "cabal check"
build-ghc-matrix:
name: Haskell build with several GHC versions (some are expected to fail)
if: contains(github.event.pull_request.labels.*.name, 'ghc-matrix')
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
ghc: ["ghc92", "ghc94", "ghc96", "ghc98", "ghc910"]
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v27
- name: Build
run: nix develop .\#$GHC_VERSION --command bash -c "cabal build all"
env:
GHC_VERSION: ${{ matrix.ghc }}
- name: Run tests
run: nix develop .\#$GHC_VERSION --command bash -c "cabal test all"
env:
GHC_VERSION: ${{ matrix.ghc }}
- name: Check cabal file
run: nix develop .\#$GHC_VERSION --command bash -c "cabal check"
env:
GHC_VERSION: ${{ matrix.ghc }}
publish:
name: Build and push docker image
# needs : build
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
steps:
- uses: actions/checkout@v2
- uses: cachix/install-nix-action@v27
- name: Set tag output
id: vars
run: echo "tag=${GITHUB_REF#refs/*/v}" >> $GITHUB_OUTPUT
- name: Check tag
run: echo ${TAG}
env:
TAG: ${{ steps.vars.outputs.tag }}
- name: Build and import image
run: |
nix build .\#dockerImage -o image.tgz
docker load -i image.tgz
docker tag ldap-scim-bridge:build ldap-scim-bridge:$TAG
env:
TAG: ${{ steps.vars.outputs.tag }}
- name: Push To quay.io
id: push-to-quay
uses: redhat-actions/push-to-registry@v2
with:
image: ldap-scim-bridge
tags: ${{ steps.vars.outputs.tag }}
registry: quay.io/wire
username: wire+ldapscimbridge
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: Print image url
run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"