ci: add NixOS build and test workflow
Creates .gitea/workflows/build-nixos.yml that triggers on push/PR to master when Nix files, flake.lock, secrets, hosts, or modules change. Includes: - Setup step to enable Nix experimental features and install nh - Build step for lazyworkhorse (x86_64-linux) via nh os build - Build step for cyt-pi (aarch64-linux) via nh os build - Placeholder integration test step Runner label: nixos-builder (Docker image nixos/nix)
64
.gitea/workflows/build-nixos.yml
Normal file
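--- a/.gitea/workflows/build-nixos.yml
+++ b/.gitea/workflows/build-nixos.yml
@@ -0,0 +1,64 @@
+name: NixOS Build & Test
+run-name: Build ${{ gitea.event_name == 'push' && gitea.ref_name || format('PR #{0}', gitea.event.pull_request.number) }}
+
+on:
+push:
+branches:
+- master
+paths:
+- '**.nix'
+- 'flake.lock'
+- 'secrets/**'
+- 'hosts/**'
+- 'modules/**'
+pull_request:
+branches:
+- master
+paths:
+- '**.nix'
+- 'flake.lock'
+- 'secrets/**'
+- 'hosts/**'
+- 'modules/**'
+
+jobs:
+build:
+runs-on: nixos-builder
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+with:
+fetch-depth: 0
+
+- name: Set up Nix environment
+run: |
+echo "extra-experimental-features = nix-command flakes" >> ~/.config/nix/nix.conf
+cat ~/.config/nix/nix.conf
+
+- name: Install nh (nix helper)
+run: |
+nix --extra-experimental-features "nix-command flakes" \
+profile add nixpkgs#nh
+nh --version
+
+- name: Build NixOS configuration (lazyworkhorse)
+run: |
+nh os build .#lazyworkhorse
+env:
+NIX_CONFIG: "extra-experimental-features = nix-command flakes"
+
+- name: Build NixOS configuration (cyt-pi)
+run: |
+nh os build .#cyt-pi
+env:
+NIX_CONFIG: "extra-experimental-features = nix-command flakes"
+
+- name: Integration tests (placeholder)
+run: |
+echo "TODO: Add integration tests here"
+echo ""
+echo "Suggested future checks:"
+echo " - nix flake check (evaluate all NixOS configs)"
+echo " - Validate agenix secrets are decryptable"
+echo " - Check services are defined correctly"
+echo " - Run VM test if nixos-test infrastructure exists"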
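Review bot: The `Install nh (nix helper)` step resolves `nixpkgs#nh` through the flake registry instead of the repository's `flake.lock`, so the tool that builds both hosts comes from whatever nixpkgs revision the runner resolves at run time. `nix profile add --inputs-from . nixpkgs#nh` would tie it to the locked input, assuming the flake has an input named `nixpkgs`, which is not visible here. Likewise `uses: actions/checkout@v4` is a mutable tag; pinning it as `actions/checkout@<full-commit-sha>  # v4` makes the checked-out action reproducible. The `pull_request` trigger runs these steps on the `nixos-builder` runner for changes under `**.nix` and `secrets/**`, so if pull requests from forks are possible, confirm the runner is ephemeral and holds no agenix decryption keys. The setup step also appends to `~/.config/nix/nix.conf` without creating the directory; a `mkdir -p ~/.config/nix` line before the `echo` avoids a failure on a fresh container.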