ci: whoops

2025-09-17 17:37:07 -05:00
parent 43b7694554
commit f0360c3bf9
1 changed files with 0 additions and 0 deletions
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@@ -0,0 +1,91 @@
+name: Build and Deploy
+on:
+  push:
+    branches: [master]
+  # pull_request:
+  #  branches: [master]
+  tags:
+    - '*.*.*'
+jobs:
+  build-deploy-ubuntu:
+    # Is it a risk to Ouroboros this?
+    # Really want this to be able to run on ubuntu but it is a slow run.
+    runs-on: ubuntu-latest
+    # runs-on: nix-runner
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Fetch all history for tags
+      - name: Install Nix
+        uses: cachix/install-nix-action@v31
+      - name: Setup Attic Cache
+        uses: ryanccn/attic-action@3354ae812cb672e1381be4c7914204c44db53866
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
+      - name: Build container
+        run: nix build .#act-runner-image
+      - name: Check Nix flake
+        run: nix flake check
+        id: flake-check
+      - name: Build Docker image if flake check fails
+        if: steps.flake-check.outcome == 'failure'
+        run: |
+          just build
+          echo "::warning::Nix flake check failed, but Docker image build succeeded as fallback"
+      - name: Set deployment variables
+        id: vars
+        run: |
+          # Check if this is a tag build
+          if [[ ${{ github.ref_type }} == 'tag' ]]; then
+            echo "TAG=${{ github.ref_name }}" >> $GITHUB_OUTPUT
+            echo "BRANCH=master" >> $GITHUB_OUTPUT
+          else
+            echo "BRANCH=${{ github.ref_name }}" >> $GITHUB_OUTPUT
+          fi
+      - name: Deploy Docker image
+        env:
+          REGISTRY: gitea.deepak.science
+          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
+          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+          REPOSITORY: ${{ github.repository }}
+          TAG: ${{ steps.vars.outputs.TAG }}
+          BRANCH: ${{ steps.vars.outputs.BRANCH }}
+        run: |
+          nix develop -c bash scripts/deploy.sh
+  nix-check:
+    runs-on: nix-runner
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0 # Fetch all history for tags
+      - name: "Cache Nix store"
+        uses: actions/cache@v4
+        id: nix-cache
+        with:
+          path: /tmp/nixcache
+          key: nix-${{ runner.os }}-nix-builder-image-${{ hashFiles('**/package.json', 'package-lock.json', '**/*.nix', '**/flake.lock', '.npmrc', '.eleventy.js') }}
+          restore-keys: |
+            nix-${{ runner.os }}-nix-builder-image
+      - name: Setup Attic Cache
+        uses: ryanccn/attic-action@3354ae812cb672e1381be4c7914204c44db53866
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
+      - name: "Import Nix store cache"
+        continue-on-error: true
+        # if: "steps.nix-cache.outputs.cache-hit == 'true'"
+        run: bash scripts/restore_cache.sh
+      - name: Build container
+        run: nix build .#act-runner-image
+      - name: Check Nix flake
+        run: nix flake check
+        id: flake-check
+      - name: "Export Nix store cache"
+        if: always()
+        # if: "steps.nix-cache.outputs.cache-hit != 'true'"
+        run: bash scripts/populate_cache.sh