diff --git a/.github/workflows/push_build_devShells.yaml b/.github/workflows/push_build_devShells.yaml index c61fe32..60e483d 100644 --- a/.github/workflows/push_build_devShells.yaml +++ b/.github/workflows/push_build_devShells.yaml @@ -18,11 +18,12 @@ jobs: strategy: matrix: platform: + - x86_64 - aarch64 fail-fast: true steps: - - name: Check out repository + - name: "Check out repository" uses: actions/checkout@v4 with: fetch-depth: 0 @@ -44,6 +45,16 @@ jobs: trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= ${{ secrets.NIX_CACHE_PUB_KEY }} builders-use-substitutes = true + - name: "Verify if we need to build" + id: verify-build + run: | + export build_dry_run_output=$(make build-dry-run ARCH=${{ matrix.platform }}) + export drvPath=$(echo "$build_dry_run_output" | grep -oE '"out":.*"' | awk -F\" '{ print $4 }') + nix store verify --store s3://nhost-nix-cache?region=eu-central-1 $drvPath \ + && export BUILD_NEEDED=no \ + || export BUILD_NEEDED=yes + echo BUILD_NEEDED=$BUILD_NEEDED >> $GITHUB_OUTPUT + - name: "Setup nix-remote-builder" uses: dbarrosop/nix-remote-builder-aws@v0.3.0 id: nix-remote-builder @@ -54,11 +65,12 @@ jobs: region: "eu-central-1" availability-zone: "eu-central-1c" ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} + if: ${{ ( matrix.platform == 'aarch64' ) && steps.verify-build.outputs.BUILD_NEEDED == 'yes' }} - name: "Setup nix-remote-builder in nix.conf" run: | echo "builders = ssh://${{ steps.nix-remote-builder.outputs.publicDnsName }} aarch64-linux;" >> ~/.config/nix/nix.conf - if: ${{ ( matrix.platform == 'aarch64' ) }} + if: ${{ ( matrix.platform == 'aarch64' ) && steps.verify-build.outputs.BUILD_NEEDED == 'yes' }} - name: Cache nix store uses: actions/cache@v4 @@ -75,6 +87,7 @@ jobs: !/nix/var/nix/db/reserved key: nix-${{ inputs.NAME }}-build-${{ runner.os }}-${{ matrix.platform }}-${{ hashFiles('nix/**.nix', 'flake.nix', 'flake.lock', '${{ inputs.PROJECT }}/**.nix') }} restore-keys: nix-${{ inputs.NAME }}-build-${{ runner.OS }}-${{ matrix.platform }}-main + if: ${{ steps.verify-build.outputs.BUILD_NEEDED == 'yes' }} - uses: docker/setup-qemu-action@v3 if: ${{ ( matrix.platform == 'aarch64' ) }} @@ -104,15 +117,18 @@ jobs: fi ((attempt++)) done - if: ${{ ( matrix.platform == 'aarch64' ) }} + if: ${{ ( matrix.platform == 'aarch64' ) && steps.verify-build.outputs.BUILD_NEEDED == 'yes' }} + - name: "Build" + run: | + make build ARCH=${{ matrix.platform }} - name: "Cache nix store on s3" run: | echo ${{ secrets.NIX_CACHE_PRIV_KEY }} > cache-priv-key.pem - nix build .\#devShells.${{ matrix.platform }}-linux.default nix store sign --key-file cache-priv-key.pem --all - nix copy --to s3://nhost-nix-cache\?region=eu-central-1 .\#devShells.${{ matrix.platform }}-linux.default + find /nix/store -maxdepth 1 -name "*-*" -type d | xargs -n 1000 nix copy --to s3://nhost-nix-cache\?region=eu-central-1 + if: always() - run: rm cache-priv-key.pem || echo "file not found" if: always() diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..f15ca6e --- /dev/null +++ b/Makefile @@ -0,0 +1,26 @@ +ifeq ($(shell uname -m),x86_64) + ARCH?=x86_64 +else ifeq ($(shell uname -m),arm64) + ARCH?=aarch64 +endif + +ifeq ($(shell uname -o),Darwin) + OS?=darwin +else + OS?=linux +endif + +.PHONY: build +build: ## Build application and places the binary under ./result/bin + nix build \ + --print-build-logs \ + .\#devShells.$(ARCH)-$(OS).default + + +.PHONY: build-dry-run +build-dry-run: ## Run nix flake check + nix build \ + --dry-run \ + --json \ + --print-build-logs \ + .\#devShells.$(ARCH)-$(OS).default