* DS-970: Add Magic Nix Cache and other workflow changes
An assortment of GitHub Workflow changes, potentially including:
- Enable DeterminateSystems/magic-nix-cache-action@main
- Reference all DeterminateSystems actions via @main
- Make update.yaml consistent across repos
- Remove unnecessary github-token: from nix-installer-action
- Update actions/checkout@v2 to actions/checkout@v3
* ci: clearly name steps in update.yml
* Add flake checker action to CI
* Bump action version to v4
* Remove outdated NIxpkgs check
Co-authored-by: Ana Hobden <operator@hoverbear.org>
---------
Co-authored-by: Ana Hobden <operator@hoverbear.org>
* How about a CI API call reduction?
* Not everyone uses Nix with flakes, turns out we are one of them
* Unbreak GHA file
* Purge github actifacts use
* Missed one.
* chmod right path
* chmod right binary name
* Fix steam deck, mac still broken due to containers
* Attempt to use github cache instead of the buildkite action
* See if we get the right artifacts
* Skip a test that Macs dislike
* Write GHA file correctly
* Refine jobs on buildkite and pathes on gha
* Better output
* Even more output!
* Use correct folder structure
* wip
* Add dockerfile
* Add readme bits
* Fix logic inversion
* Relax init detection error
* Tidying heuristics
* Fix doc tests
* Mac supports start-daemon false
* Get VM tests working
* Add instructions
* Some target_os flagging
* More target flagging
* Fix lints
* Fixup more mac-only stuff
* cfg flag examples too
* Fix planner wording
* More os specific lint fixing
* More refinement on mac and the README
* Add new CI jobs to test no-daemon
* Use nix-installer-pr to point at branch
* Tests with no-init
* init/no-daemon are linux only
* nix tests support a per-distro all attribute
* Add working podman test
* Expand docker tests
* Add contributing notes
* format
* Support both podman and docker
* Update contributing
* Add Windows WSL test script for Ubuntu
* format nix tests
* More ignores to check-spelling
* Add systemd based wsl test
* We don't have root-only darwin
* Reflect review nits
* Reenable tests
* Restore mac plan
* Flag off os specific tests
* Better cfg flagging
* Remove dead comments
* Rework readme to look better with new sections
* Correct codeblock language
* Remove some warnings
* Try extra-conf with a heredoc
* Test case
* Other test case
* heredoc in yaml goes burr
* use special bash syntax for newline
* Correctly close quotes
* Remove testing symbols
* Use file method
* unwhoops jobs
* upload_s3: provide git ish as argument
$GITHUB_SHA isn't the actual PR's HEAD's SHA, but a merge commit or
something.
* upload_s3: use an empty object if the file doesn't exist on s3
It's not pretty, but it works, and the md5sum of a file should never be
"null".
* release-branches: upload to `branch_${name}` instead
* release: init action to release first party PRs
* release: check if revision has already been uploaded
We don't want to waste bandwidth on files that already exist.
* release: consolidate s3 uploading into single script; check if artifact already uploaded
* release: only upload release for PR if it has the "upload to s3" label
* release: create releases for specified branches
* release: split action into one for branches, one for tags
* release: change the NIX_INSTALLER_BINARY_ROOT upon release
This way, we can be sure we use the right binaries to match the script.
* Rename harmonic to nix-installer
* Fix build
* handle nix-install.sh rename
* Forgot some things
* Fix a mistype
* Fix env var
* Fix merge change that popped up
* Add action
* Checkout so we have actions.yml
* yaml poking
* Handle GITHUB_TOKEN
* Don't ask github to do templating, use directives for logging
* Missing changes
* Fix build error
* Fix yaml even more
* Add shell command
* Add a wait on the socket again
* Print some debugging
* Use more correct env vars
* Correct install url logic
* Use different style for inputs
* Fix yaml errror
* Tweak around local-root
* provision nix-install.sh as well
* Use nix-install.sh path directory in NIX_INSTALL_URL
* Tweak variables to hopefully work
* Call it BINARY_ROOT instead
* Add exec output
* Set no-confirm
* no echo
* Add token to workflow
* Set no-confirm properly
* Add no-confirm back for uninstall
* Correct some env and vars
* CreateDirectory respects existing symlink
* Add a few more checks to the CI
* pass valid yaml...
* Slightly more aggressive cleanup of /nix
* Ensure steam-deck cleans /home/nix
* Add steam-deck check for persistence
* Canonicalize steam-deck persistence
* Ensure absolute path
* Inverted logic sad
* python3 on mac
* Add readme info and fix a extra-conf mistype
* Add unsaved changes
* More fine grained trace logging
* Restore spans we lost in refactor
* BuiltinPlanner can accept settings
* Reflect feedback
* Push actually working code hopefully this time
* Speeling
* Perform sudo in harmonic
* Remove sudo in scripts
* A bit more tweaking...
* Yay unix
* Use curl sh on ci
* Preserve environments we require
* Fix the yamls
* Better explain a run step
* Preserve GITHUB_PATH too
* Correct trace
* Include install-nix.sh in artifacts
* Remove unused vars
* Use /nix/harmonic for uninstall
* Only pass --preserve-env if required
* Wait for python server to start
* Use a sudo uninstall
* Pass verbosity correctly
* Pass no-confirm by env
* Pass no-confirm by env redux
* Hahaha very funny yaml
* handle env in no-confirm
* Preserve env on ci
* Mac stuff
* Perform sudo in harmonic
* Remove sudo in scripts
* A bit more tweaking...
* Yay unix
* Preserve environments we require
* Preserve GITHUB_PATH too
* Correct trace
* Remove unused vars
* Only pass --preserve-env if required
* Make plans versioned
* Delint
* speeeeeeeeling
* remove file that was dead
* Flesh out docs and improve public API
* Speeling
* Fixups
* Fix doctests
* Do a better job with actionstate
* Add some more docs
* Fix doctest
* Make CLI stuff optional
* Touchup
* Speeling
* Add fish support
* Add shell tests
* Add login shell tests
* Improve provisioning behavior of shell profiles
* Make created shell profiles executable
* Bump nix
* Try interactive shell
* Fixup merge
* Bad yaml, bad
* Tweak ci
* Set GITHUB_PATH
* Do github runner automatically
* Use GITHUB_PATH more
* use login shells again
* Ouytput github path in ci
* Okay so GITHUB_PATH is a UNIX socket?
* Okay yup they are UNIX sockets
* Have the macs dump their github path
* YAML stuff
* Pass github path in invocation
* Bump plans
* Okay it is not a socket
* Remove debugging
* Review fixes
* Pass correct shell arg to mac
* Echo github path
* Echo the path, then...
* Join GITHUB_PATH writes
* Init Steam Deck support
* Improve systemd units
* Handle stopping nix-daemon.service before stopping mount
* Better handle being in a sysext
* Add some install directions
* Add a KDE autostart script
* Tidy up uninstall
* Use stop/disable instead of disable --now
* Fixup a double-disable
* Repair some defaults
* Tidy up services
* Make ci test steam deck planner
* Delete bonus line
* Use newer image
* Get steam-deck working hopefully
* Create steamos-readonly mock
* Make stub of steamos-readonly
* Use sudo for chmod
* Attempt CI fix
* Don't add deck group
* A more clever method
* We have a new method and the CI can be cleaned a bit
* Brazenly disable sandbox on the deck ci
* Extra-conf takes vec
* Dump lsblk mount
* An even more clever method
* More debugging symbols
* More debugging symbols
* Even more debugging
* probe for issues
* Get specific with permissions and ownership (for ci)
* We are now way overboard on debugging symbols
* Specify permissions on created home stub
* Allow specifying persistence
* Cleanup debugging bits
* Fixup persistence path
* Work out some better linking in units
* units don't need executable
* Tidy
* Delint
* Remove a note from readme
* Github actions seems to have build the wrong checkout?
* Doctest repair
* Don't create directory twice
* Restore missing doc comments
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
* Attempt a cache -- for fun
* Correct path
* Don't cache lints
* Remove bonus args
* Delete bonus line
* Use newer image
* Use non pwd store relocation
* No steam deck job
* Change artifact behavior slightly
* Roundabout fetching of the binary
* Fixup path
* Fixup bad job id