Skip to content

chore: bump DeterminateSystems/magic-nix-cache-action from 4 to 6 #310

chore: bump DeterminateSystems/magic-nix-cache-action from 4 to 6

chore: bump DeterminateSystems/magic-nix-cache-action from 4 to 6 #310

Workflow file for this run

name: CI
on:
push:
branches: [main]
pull_request:
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github. run_id }}
cancel-in-progress: true
jobs:
build:
name: Build
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Build
run: nix develop --impure .#ci -c make build
test:
name: Test
runs-on: ubuntu-latest
strategy:
matrix:
vault_version: ["1.11.12", "1.12.8", "1.13.4", "1.14.1"]
services:
vault:
image: hashicorp/vault:${{ matrix.vault_version }}
env:
SKIP_SETCAP: "true"
VAULT_ADDR: http://127.0.0.1:8200
VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
ports:
- 8200:8200
bao:
image: csatib02/openbao:dev
env:
SKIP_SETCAP: "true"
BAO_ADDR: http://127.0.0.1:8200
BAO_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
BAO_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
ports:
- 8300:8200
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Test
run: nix develop --impure .#ci -c make test
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Lint
run: nix develop --impure .#ci -c make lint
license-check:
name: License check
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Cache license information
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: .licensei.cache
key: licensei-v1-${{ github.ref_name }}-${{ hashFiles('go.sum') }}
restore-keys: |
licensei-v1-${{ github.ref_name }}
licensei-v1-main
licensei-v1
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Populate license cache
run: nix develop --impure .#ci -c licensei cache
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Check licenses
run: nix develop --impure .#ci -c make license-check
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
dev:
name: Developer environment
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Check
run: nix flake check --impure
- name: Dev shell
run: nix develop --impure
artifacts:
name: Artifacts
uses: ./.github/workflows/artifacts.yaml
with:
publish: ${{ github.event_name == 'push' }}
permissions:
contents: write
packages: write
id-token: write
security-events: write
dependency-review:
name: Dependency review
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Dependency Review
uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
e2e-test:
name: E2E test
runs-on: ubuntu-latest
strategy:
matrix:
vault_version: ["1.11.12", "1.12.8", "1.13.4", "1.14.1"]
services:
vault:
image: hashicorp/vault:${{ matrix.vault_version }}
env:
SKIP_SETCAP: "true"
VAULT_ADDR: http://127.0.0.1:8200
VAULT_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
VAULT_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
ports:
- 8200:8200
bao:
image: csatib02/openbao:dev
env:
SKIP_SETCAP: "true"
BAO_ADDR: http://127.0.0.1:8200
BAO_TOKEN: 227e1cce-6bf7-30bb-2d2a-acc854318caf
BAO_DEV_ROOT_TOKEN_ID: 227e1cce-6bf7-30bb-2d2a-acc854318caf
ports:
- 8300:8200
steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Set up Nix
uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Set up magic Nix cache
uses: DeterminateSystems/magic-nix-cache-action@87e8236f46702ab0ce5a058b605a173ec88d618e # v6
- name: Set up Go cache
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ github.job }}-${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ github.job }}-${{ runner.os }}-go-
- name: Prepare Nix shell
run: nix develop --impure .#ci
- name: Test
run: nix develop --impure .#ci -c make test-e2e
env:
VAULT_VERSION: ${{ matrix.vault_version }}