From 834721455665354e9f5562bfd54086f571c28134 Mon Sep 17 00:00:00 2001 From: Graham Christensen Date: Fri, 20 Sep 2024 13:07:07 -0400 Subject: [PATCH] Fixup release test matrix re: dnixd (#1186) * Trivial flakehub: true -> determinate: true * Assert dnixd's presence or absence * ... * Fixup: flakehub: true implies determinate: true, so make the test suites pass determinate in the matrix instead of extra args * drop the github-token setting * Drop the trusted-user extra-conf * Sort the installer config * Correct the name to match the existing merge rules --- .github/workflows/build-aarch64-darwin.yml | 2 +- .github/workflows/build-aarch64-linux.yml | 2 +- .github/workflows/build-x86_64-darwin.yml | 2 +- .github/workflows/build-x86_64-linux.yml | 2 +- .github/workflows/ci.yml | 163 ++++++++++++--------- .github/workflows/update.yml | 2 +- 6 files changed, 96 insertions(+), 77 deletions(-) diff --git a/.github/workflows/build-aarch64-darwin.yml b/.github/workflows/build-aarch64-darwin.yml index 693ae7ccf..3f51d0470 100644 --- a/.github/workflows/build-aarch64-darwin.yml +++ b/.github/workflows/build-aarch64-darwin.yml @@ -21,7 +21,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false diff --git a/.github/workflows/build-aarch64-linux.yml b/.github/workflows/build-aarch64-linux.yml index 8585bd6ba..8256afb77 100644 --- a/.github/workflows/build-aarch64-linux.yml +++ b/.github/workflows/build-aarch64-linux.yml @@ -21,7 +21,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false diff --git a/.github/workflows/build-x86_64-darwin.yml b/.github/workflows/build-x86_64-darwin.yml index e8b838ddd..035a88ebd 100644 --- a/.github/workflows/build-x86_64-darwin.yml +++ b/.github/workflows/build-x86_64-darwin.yml @@ -21,7 +21,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false diff --git a/.github/workflows/build-x86_64-linux.yml b/.github/workflows/build-x86_64-linux.yml index 3578a2071..c5df6bc1d 100644 --- a/.github/workflows/build-x86_64-linux.yml +++ b/.github/workflows/build-x86_64-linux.yml @@ -21,7 +21,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f5a5a6e62..084a241e2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -39,7 +39,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false @@ -57,12 +57,12 @@ jobs: run: nix develop --command shellcheck ./nix-installer.sh run-x86_64-linux: - name: Run x86_64 Linux + name: Run x86_64 Linux${{ matrix.determinate && ' (--determinate)' || ''}} runs-on: UbuntuLatest32Cores128G needs: [lints, build-x86_64-linux] strategy: matrix: - extra-args: ["--determinate", ""] + determinate: [true, false] permissions: id-token: "write" contents: "read" @@ -83,13 +83,20 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true - extra-args: ${{ matrix.extra-args }} + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty + - name: "Validate dnixd is ${{ matrix.determinate && 'installed' || 'uninstalled' }}" + run: | + if test -x /usr/local/bin/determinate-nixd; then + echo "determinate-nixd is present" + ${{ matrix.determinate }} + else + echo "determinate-nixd is not present" + ${{ !matrix.determinate }} + fi - name: Initial uninstall (without a `nix run` first) run: sudo -E /nix/nix-installer uninstall env: @@ -114,13 +121,11 @@ jobs: - name: Repeated install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true - extra-args: ${{ matrix.extra-args }} + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` @@ -170,12 +175,12 @@ jobs: fi run-x86_64-linux-no-init: - name: Run x86_64 Linux (No init) + name: Run x86_64 Linux (No init${{ matrix.determinate && ', --determinate' || ''}}) runs-on: UbuntuLatest32Cores128G needs: [lints, build-x86_64-linux] strategy: matrix: - extra-args: ["--determinate", ""] + determinate: [true, false] permissions: id-token: "write" contents: "read" @@ -196,15 +201,22 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} init: none - extra-args: ${{ matrix.extra-args }} - planner: linux local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty + planner: linux + - name: "Validate dnixd is ${{ matrix.determinate && 'installed' || 'uninstalled' }}" + run: | + if test -x /usr/local/bin/determinate-nixd; then + echo "determinate-nixd is present" + ${{ matrix.determinate }} + else + echo "determinate-nixd is not present" + ${{ !matrix.determinate }} + fi - name: Ensure daemon was not configured with init run: | if systemctl is-active nix-daemon.socket; then @@ -231,15 +243,13 @@ jobs: - name: Repeated install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} init: none - planner: linux - extra-args: ${{ matrix.extra-args }} local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty + planner: linux - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` @@ -289,12 +299,12 @@ jobs: fi run-x86_64-darwin: - name: Run x86_64 Darwin + name: Run x86_64 Darwin${{ matrix.determinate && ' (--determinate)' || ''}} runs-on: macos-13 needs: [lints, build-x86_64-darwin] strategy: matrix: - extra-args: ["--determinate", ""] + determinate: [true, false] permissions: id-token: "write" contents: "read" @@ -315,15 +325,20 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true - extra-args: ${{ matrix.extra-args }} + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} - extra-conf: | - trusted-users = root runner + logger: pretty + - name: "Validate dnixd is ${{ matrix.determinate && 'installed' || 'uninstalled' }}" + run: | + if test -x /usr/local/bin/determinate-nixd; then + echo "determinate-nixd is present" + ${{ matrix.determinate }} + else + echo "determinate-nixd is not present" + ${{ !matrix.determinate }} + fi - name: Initial uninstall (without a `nix run` first) run: sudo -E /nix/nix-installer uninstall env: @@ -334,14 +349,11 @@ jobs: - name: Repeated install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true - extra-args: ${{ matrix.extra-args }} + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} - extra-conf: trusted-users = root runner + logger: pretty - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` @@ -377,12 +389,12 @@ jobs: RUST_BACKTRACE: full run-aarch64-linux: - name: Run aarch64 Linux + name: Run aarch64 Linux${{ matrix.determinate && ' (--determinate)' || ''}} runs-on: namespace-profile-default-arm64 needs: [lints, build-aarch64-linux] strategy: matrix: - extra-args: ["--determinate", ""] + determinate: [true, false] permissions: id-token: "write" contents: "read" @@ -403,13 +415,20 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - extra-args: ${{ matrix.extra-args }} - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty + - name: "Validate dnixd is ${{ matrix.determinate && 'installed' || 'uninstalled' }}" + run: | + if test -x /usr/local/bin/determinate-nixd; then + echo "determinate-nixd is present" + ${{ matrix.determinate }} + else + echo "determinate-nixd is not present" + ${{ !matrix.determinate }} + fi - name: Initial uninstall (without a `nix run` first) run: sudo -E /nix/nix-installer uninstall env: @@ -434,13 +453,11 @@ jobs: - name: Repeated install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - logger: pretty - extra-args: ${{ matrix.extra-args }} log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} + logger: pretty - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` @@ -490,12 +507,12 @@ jobs: fi run-aarch64-darwin: - name: Run aarch64 Darwin + name: Run aarch64 Darwin${{ matrix.determinate && ' (--determinate)' || ''}} runs-on: macos-latest-xlarge needs: [lints, build-aarch64-darwin] strategy: matrix: - extra-args: ["--determinate", ""] + determinate: [true, false] permissions: id-token: "write" contents: "read" @@ -516,15 +533,20 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - extra-args: ${{ matrix.extra-args }} - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} - extra-conf: | - trusted-users = root runner + logger: pretty + - name: "Validate dnixd is ${{ matrix.determinate && 'installed' || 'uninstalled' }}" + run: | + if test -x /usr/local/bin/determinate-nixd; then + echo "determinate-nixd is present" + ${{ matrix.determinate }} + else + echo "determinate-nixd is not present" + ${{ !matrix.determinate }} + fi - name: Initial uninstall (without a `nix run` first) run: sudo -E /nix/nix-installer uninstall env: @@ -535,14 +557,11 @@ jobs: - name: Repeated install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: ${{ matrix.determinate }} local-root: install-root/ - extra-args: ${{ matrix.extra-args }} - logger: pretty log-directives: nix_installer=debug - backtrace: full - github-token: ${{ secrets.GITHUB_TOKEN }} - extra-conf: trusted-users = root runner + logger: pretty - name: echo $PATH run: echo $PATH - name: Test `nix` with `$GITHUB_PATH` @@ -603,11 +622,11 @@ jobs: - name: Initial install uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + backtrace: full + determinate: true local-root: install-root/ - logger: pretty log-directives: nix_installer=debug - backtrace: full + logger: pretty - uses: DeterminateSystems/magic-nix-cache-action@main with: use-gha-cache: false diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 027002efc..510bef15a 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -16,7 +16,7 @@ jobs: - name: Install Nix uses: DeterminateSystems/nix-installer-action@main with: - flakehub: true + determinate: true - name: Enable Magic Nix Cache uses: DeterminateSystems/magic-nix-cache-action@main with: