From c784eb2b474a8b4707d54444a445a6e30762b16c Mon Sep 17 00:00:00 2001 From: Mateusz Galazyn Date: Thu, 23 Jan 2025 10:36:59 +0100 Subject: [PATCH] Clean up GHAs using nix, update nix development shell MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Clément Hurlin --- .github/workflows/actionlint.yml | 10 +-- .github/workflows/check-cabal-files.yml | 22 +++-- .github/workflows/check-cabal-gild.yml | 69 +++++++-------- .github/workflows/check-formatting.yml | 85 ++++++++----------- .github/workflows/check-git-dependencies.yml | 2 +- .github/workflows/check-hlint.yml | 2 +- .github/workflows/check-pr-changelog.yml | 6 +- .github/workflows/github-page.yml | 79 ++++++++--------- .github/workflows/hls.yml | 19 +++-- .github/workflows/markdown-links-ci-check.yml | 2 +- .github/workflows/release-upload.yml | 10 +-- .github/workflows/shellcheck.yml | 12 ++- .github/workflows/stale-bot.yml | 2 +- flake.nix | 24 ++---- 14 files changed, 153 insertions(+), 191 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 26aed8aead..83ed8787b3 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -14,17 +14,13 @@ jobs: # actionlint is not going to install its own shellcheck. # This also makes sure that this pipeline runs using # the same shellcheck as the ones in Nix shells of developers. - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 + - uses: cachix/install-nix-action@v30 with: + nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: | trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= substituters = https://cache.iog.io/ https://cache.nixos.org/ - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/install-nix-action@v18 - with: - nix_path: nixpkgs=channel:nixos-unstable - # Make the Nix environment available to next steps + - uses: rrbutani/use-nix-shell-action@v1 - name: Run Actionlint diff --git a/.github/workflows/check-cabal-files.yml b/.github/workflows/check-cabal-files.yml index 4dbd0c7fcd..3cc3532da3 100644 --- a/.github/workflows/check-cabal-files.yml +++ b/.github/workflows/check-cabal-files.yml @@ -9,18 +9,16 @@ jobs: runs-on: ubuntu-latest steps: - - name: Workaround runner image issue - if: runner.os == 'Linux' - # https://github.com/actions/runner-images/issues/7061 - run: sudo chown -R "$USER" /usr/local/.ghcup + - uses: actions/checkout@v4 - - name: Install Haskell - uses: input-output-hk/setup-haskell@v1 - id: setup-haskell - with: - cabal-version: "3.14.1.1" + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= + substituters = https://cache.iog.io/ https://cache.nixos.org/ - - uses: actions/checkout@v3 + - uses: rrbutani/use-nix-shell-action@v1 - - name: Cabal check - run: ./scripts/ci/check-cabal-files.sh + - name: Cabal check + run: ./scripts/ci/check-cabal-files.sh diff --git a/.github/workflows/check-cabal-gild.yml b/.github/workflows/check-cabal-gild.yml index 569aa9e1ea..1091be81d5 100644 --- a/.github/workflows/check-cabal-gild.yml +++ b/.github/workflows/check-cabal-gild.yml @@ -7,42 +7,37 @@ on: jobs: check-cabal-gild: runs-on: ubuntu-latest - - env: - CABAL_GILD_VERSION: "1.3.1.2" - steps: - - name: Download cabal-gild - run: | - cabal_gild_path="$(mktemp -d)" - version="${{env.CABAL_GILD_VERSION}}" - curl -sL \ - "https://github.com/tfausak/cabal-gild/releases/download/$version/cabal-gild-$version-linux-x64.tar.gz" \ - | tar -C "$cabal_gild_path" -xz - - echo "PATH=$cabal_gild_path:$PATH" >> "$GITHUB_ENV" - - - uses: actions/checkout@v4 - - - name: Run cabal-gild over all modified files - run: | - rc="0" - echo "cabal-gild version: ${{env.CABAL_GILD_VERSION}}" - for file in $(git ls-files "*.cabal") - do - echo "cabal-gild --mode=check --input=$file" - if ! cabal-gild --mode=check --input="$file" - then - cabal-gild --mode=format --io="$file" - echo "💣 $file is badly formatted. Fix it with:" - echo "cabal-gild --mode=format --io=$file" - echo -e - echo "Diff for $file:" - git diff "$file" - echo -e - rc="1" - fi - done - - exit $rc + - uses: actions/checkout@v4 + + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= + substituters = https://cache.iog.io/ https://cache.nixos.org/ + + - uses: rrbutani/use-nix-shell-action@v1 + + - name: Run cabal-gild over all modified files + run: | + rc="0" + echo "cabal-gild version: ${{env.CABAL_GILD_VERSION}}" + for file in $(git ls-files "*.cabal") + do + echo "cabal-gild --mode=check --input=$file" + if ! cabal-gild --mode=check --input="$file" + then + cabal-gild --mode=format --io="$file" + echo "💣 $file is badly formatted. Fix it with:" + echo "cabal-gild --mode=format --io=$file" + echo -e + echo "Diff for $file:" + git diff "$file" + echo -e + rc="1" + fi + done + + exit $rc diff --git a/.github/workflows/check-formatting.yml b/.github/workflows/check-formatting.yml index 1bffb6f3cd..61768513e3 100644 --- a/.github/workflows/check-formatting.yml +++ b/.github/workflows/check-formatting.yml @@ -1,4 +1,4 @@ -name: Check Haskell formatting +name: Check Haskell formatting on: merge_group: @@ -22,62 +22,49 @@ jobs: check-formatting: runs-on: ubuntu-latest - env: - FOURMOLU_VERSION: "0.16.2.0" - STYLISH_HASKELL_VERSION: "0.14.6.0" - steps: - - name: Download Fourmolu - run: | - fourmolu_path="$(mktemp -d)" - version="${{env.FOURMOLU_VERSION}}" - curl -sL \ - "https://github.com/fourmolu/fourmolu/releases/download/v$version/fourmolu-$version-linux-x86_64" > "$fourmolu_path/fourmolu" - echo "PATH=$fourmolu_path:$PATH" >> "$GITHUB_ENV" - chmod u+rwx "$fourmolu_path/fourmolu" + - uses: actions/checkout@v4 - - name: Download stylish-haskell - run: | - stylish_haskell_path="$(mktemp -d)" - version="${{ env.STYLISH_HASKELL_VERSION }}" - curl -sL \ - "https://github.com/haskell/stylish-haskell/releases/download/v$version/stylish-haskell-v$version-linux-x86_64.tar.gz" \ - | tar -C "$stylish_haskell_path" -xz - echo "PATH=$stylish_haskell_path/stylish-haskell-v$version-linux-x86_64:$PATH" >> "$GITHUB_ENV" + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= + substituters = https://cache.iog.io/ https://cache.nixos.org/ - - uses: actions/checkout@v3 + - uses: rrbutani/use-nix-shell-action@v1 - - name: Run formatting over all Haskell files (always succeeds) - run: | - git add . - git stash + - name: Run formatting over all Haskell files (always succeeds) + run: | + git add . + git stash - for x in $(git ls-tree --full-tree --name-only -r HEAD); do - if [ "${x##*.}" == "hs" ]; then - if grep -qE '^#' "$x"; then - echo "$x contains CPP. Skipping." - else - "$(git rev-parse --show-toplevel)/scripts/devshell/prettify" "$x" + for x in $(git ls-tree --full-tree --name-only -r HEAD); do + if [ "${x##*.}" == "hs" ]; then + if grep -qE '^#' "$x"; then + echo "$x contains CPP. Skipping." + else + "$(git rev-parse --show-toplevel)/scripts/devshell/prettify" "$x" + fi fi - fi - done + done - git --no-pager diff + git --no-pager diff - - name: Run formatting over all modified files - run: | - git add . - git stash - git fetch origin ${{ github.base_ref }} --unshallow - for x in $(git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }}..HEAD); do - if [ "${x##*.}" == "hs" ]; then - if grep -qE '^#' "$x"; then - echo "$x contains CPP. Skipping." - else - "$(git rev-parse --show-toplevel)/scripts/devshell/prettify" "$x" + - name: Run formatting over all modified files + run: | + git add . + git stash + git fetch origin ${{ github.base_ref }} --unshallow + for x in $(git diff --name-only --diff-filter=ACMR origin/${{ github.base_ref }}..HEAD); do + if [ "${x##*.}" == "hs" ]; then + if grep -qE '^#' "$x"; then + echo "$x contains CPP. Skipping." + else + "$(git rev-parse --show-toplevel)/scripts/devshell/prettify" "$x" + fi fi - fi - done + done - git --no-pager diff --exit-code + git --no-pager diff --exit-code diff --git a/.github/workflows/check-git-dependencies.yml b/.github/workflows/check-git-dependencies.yml index 8639392485..a7caa10a5e 100644 --- a/.github/workflows/check-git-dependencies.yml +++ b/.github/workflows/check-git-dependencies.yml @@ -14,7 +14,7 @@ jobs: steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Check git dependencies run: | diff --git a/.github/workflows/check-hlint.yml b/.github/workflows/check-hlint.yml index c8b6a8658c..adf9cea84d 100644 --- a/.github/workflows/check-hlint.yml +++ b/.github/workflows/check-hlint.yml @@ -14,6 +14,6 @@ jobs: steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: haskell-actions/hlint-scan@v1 diff --git a/.github/workflows/check-pr-changelog.yml b/.github/workflows/check-pr-changelog.yml index e59023b5c5..8edcf155b3 100644 --- a/.github/workflows/check-pr-changelog.yml +++ b/.github/workflows/check-pr-changelog.yml @@ -8,12 +8,12 @@ jobs: check-changelog: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 if: ${{ github.event_name != 'merge_group' }} with: - node-version: 16 + node-version: 22 - run: npm install js-yaml@4.1.0 if: ${{ github.event_name != 'merge_group' }} diff --git a/.github/workflows/github-page.yml b/.github/workflows/github-page.yml index 13f7e6cc2d..b3f236a819 100644 --- a/.github/workflows/github-page.yml +++ b/.github/workflows/github-page.yml @@ -4,6 +4,7 @@ on: push: branches: - master + workflow_dispatch: jobs: build: @@ -14,54 +15,46 @@ jobs: shell: bash steps: - - name: Install Nix - uses: cachix/install-nix-action@v18 - with: - # Use last stable nixos channel and the same nix as in channel: - install_url: https://releases.nixos.org/nix/nix-2.11.1/install - nix_path: nixpkgs=channel:nixos-22.11 - github_access_token: ${{ secrets.GITHUB_TOKEN }} - extra_nix_config: | - access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} - experimental-features = nix-command flakes - allow-import-from-derivation = true - substituters = https://cache.nixos.org https://cache.iog.io - trusted-public-keys = hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= + - uses: actions/checkout@v4 - - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + extra_nix_config: | + trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= + substituters = https://cache.iog.io/ https://cache.nixos.org/ - - name: Fetch nix cache and update cabal indices - run: | - nix develop .\#haddockShell --command \ + - uses: rrbutani/use-nix-shell-action@v1 + + - name: Update cabal indices + run: | cabal update - - name: Build whole project - run: | - nix develop .\#haddockShell --command \ + - name: Build whole project + run: | cabal build all - - name: Build documentation - run: | - nix develop .\#haddockShell --command \ + - name: Build documentation + run: | cabal haddock-project --output=./haddocks --internal --foreign-libraries - - name: Compress haddocks - run: | - tar -czf haddocks.tgz -C haddocks . - - - name: Upload haddocks artifact - uses: actions/upload-artifact@v4 - if: ${{ always() }} - continue-on-error: true - with: - name: haddocks - path: ./haddocks.tgz - - - name: Deploy documentation to gh-pages 🚀 - if: github.ref == 'refs/heads/master' - uses: peaceiris/actions-gh-pages@v4 - with: - github_token: ${{ secrets.GITHUB_TOKEN || github.token }} - publish_dir: haddocks - cname: cardano-cli.cardano.intersectmbo.org - force_orphan: true + - name: Compress haddocks + run: | + tar -czf haddocks.tgz -C haddocks . + + - name: Upload haddocks artifact + uses: actions/upload-artifact@v4 + if: ${{ always() }} + continue-on-error: true + with: + name: haddocks + path: ./haddocks.tgz + + - name: Deploy documentation to gh-pages 🚀 + if: github.ref == 'refs/heads/master' + uses: peaceiris/actions-gh-pages@v4 + with: + github_token: ${{ secrets.GITHUB_TOKEN || github.token }} + publish_dir: haddocks + cname: cardano-cli.cardano.intersectmbo.org + force_orphan: true diff --git a/.github/workflows/hls.yml b/.github/workflows/hls.yml index 936433d110..72c1fa173d 100644 --- a/.github/workflows/hls.yml +++ b/.github/workflows/hls.yml @@ -19,23 +19,25 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 steps: - - name: Check out repo - uses: actions/checkout@v4 - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 + - uses: actions/checkout@v4 + + - uses: cachix/install-nix-action@v30 with: + nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: | trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= substituters = https://cache.iog.io/ https://cache.nixos.org/ - nix_path: nixpkgs=channel:nixos-unstable - - name: Open nix environment - uses: rrbutani/use-nix-shell-action@v1 + + - uses: rrbutani/use-nix-shell-action@v1 + - name: Update dependencies run: cabal update; cabal freeze + - name: Obtain GHC version run: | echo "VERSION=$(ghc --numeric-version)" >> "$GITHUB_OUTPUT" id: ghc + - name: HLS caching uses: actions/cache@v4 with: @@ -43,10 +45,11 @@ jobs: /home/runner/.cache/hie-bios /home/runner/.cache/ghcide /home/runner/.local/state/cabal - .ghc.environment.x86_64-linux-9.8.2 + .ghc.environment.x86_64-linux-* dist-newstyle key: hls-cache-${{ env.HLS_CACHE_VERSION }}-${{ runner.os }}-${{ steps.ghc.outputs.VERSION }}-${{ hashFiles('**/cabal.project.freeze') }}-${{ hashFiles('**/*.cabal', '**/cabal.project') }} restore-keys: | hls-cache-${{ env.HLS_CACHE_VERSION }}-${{ runner.os }}-${{ steps.ghc.outputs.VERSION }}-${{ hashFiles('**/cabal.project.freeze') }}- + - name: Test HLS works run: haskell-language-server diff --git a/.github/workflows/markdown-links-ci-check.yml b/.github/workflows/markdown-links-ci-check.yml index f8db014fa4..3a8dd7130a 100644 --- a/.github/workflows/markdown-links-ci-check.yml +++ b/.github/workflows/markdown-links-ci-check.yml @@ -8,7 +8,7 @@ jobs: markdown-link-check: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: gaurav-nelson/github-action-markdown-link-check@v1 with: use-quiet-mode: yes diff --git a/.github/workflows/release-upload.yml b/.github/workflows/release-upload.yml index e095d3e90c..c89cba1c94 100644 --- a/.github/workflows/release-upload.yml +++ b/.github/workflows/release-upload.yml @@ -110,7 +110,7 @@ jobs: # success # Because we care of the newlines, quoting $conclusion with "" is especially important below! # (see https://stackoverflow.com/questions/22101778/how-to-preserve-line-breaks-when-storing-command-output-to-a-variable) - + # shellcheck disable=SC2126 num_failure=$(echo "$conclusion" | grep "^failure" | wc -l) num_status=$(echo "$conclusion" | wc -l) @@ -129,7 +129,7 @@ jobs: sleep 30 fi done - + pull: needs: [wait_for_hydra] strategy: @@ -139,13 +139,13 @@ jobs: name: "Download Asset" runs-on: ubuntu-latest steps: - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 + - uses: cachix/install-nix-action@v30 with: + nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: | trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= substituters = https://cache.iog.io/ https://cache.nixos.org/ - nix_path: nixpkgs=channel:nixos-unstable + - name: Display flake metadata id: flake-metadata run: | diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index a5d0fa60f7..d3499821ca 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -15,18 +15,16 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - name: Install Nix with good defaults - uses: input-output-hk/install-nix-action@v20 + + - uses: cachix/install-nix-action@v30 with: + nix_path: nixpkgs=channel:nixos-unstable extra_nix_config: | trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ= substituters = https://cache.iog.io/ https://cache.nixos.org/ - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/install-nix-action@v18 - with: - nix_path: nixpkgs=channel:nixos-unstable - # Make the Nix environment available to next steps + - uses: rrbutani/use-nix-shell-action@v1 + - name: Shellcheck run: | for file in $(git ls-files "*.sh") diff --git a/.github/workflows/stale-bot.yml b/.github/workflows/stale-bot.yml index 5fef42c6ec..0133827ca6 100644 --- a/.github/workflows/stale-bot.yml +++ b/.github/workflows/stale-bot.yml @@ -7,7 +7,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@v6 + - uses: actions/stale@v9 with: stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 120 days.' stale-pr-message: 'This PR is stale because it has been open 45 days with no activity.' diff --git a/flake.nix b/flake.nix index 84a417f9be..62389c906d 100644 --- a/flake.nix +++ b/flake.nix @@ -31,8 +31,9 @@ # see flake `variants` below for alternative compilers defaultCompiler = "ghc982"; - haddockShellCompiler = defaultCompiler; - crossCompilerVersion = "ghc966"; # Used for cross compilation, and so referenced in .github/workflows/release-upload.yml. Adapt the latter if you change this value. + # Used for cross compilation, and so referenced in .github/workflows/release-upload.yml. Adapt the + # latter if you change this value. + crossCompilerVersion = "ghc966"; in {inherit (inputs) incl;} // inputs.flake-utils.lib.eachSystem supportedSystems ( @@ -78,7 +79,6 @@ p.mingwW64 # x86_64-windows p.aarch64-multiplatform-musl # aarch64-linux (static) p.musl64 # x86_64-linux (static) - ]; # CHaP input map, so we can find CHaP packages (needs to be more @@ -93,13 +93,13 @@ shell.tools = { cabal = "3.14.1.1"; - ghcid = "0.8.8"; } // lib.optionalAttrs (config.compiler-nix-name == defaultCompiler) { # tools that work only with default compiler + ghcid = "0.8.9"; cabal-gild = "1.3.1.2"; - fourmolu = "0.16.2.0"; - haskell-language-server.src = nixpkgs.haskell-nix.sources."hls-2.8"; + fourmolu = "0.17.0.0"; + haskell-language-server.src = nixpkgs.haskell-nix.sources."hls-2.9"; hlint = "3.8"; stylish-haskell = "0.14.6.0"; }; @@ -192,8 +192,7 @@ # This ensure hydra send a status for the required job (even if no change other than commit hash) revision = nixpkgs.writeText "revision" (inputs.self.rev or "dirty"); }; - } - // {haddockShell = devShells.haddockShell;}; + }; legacyPackages = rec { inherit cabalProject nixpkgs; # also provide hydraJobs through legacyPackages to allow building without system prefix: @@ -207,14 +206,7 @@ profiling = (p.appendModule {modules = [{enableLibraryProfiling = true;}];}).shell; }; in - profilingShell cabalProject - # Add GHC 9.6 shell for haddocks - // { - haddockShell = let - p = cabalProject.appendModule {compiler-nix-name = haddockShellCompiler;}; - in - p.shell // (profilingShell p); - }; + profilingShell cabalProject; # formatter used by nix fmt formatter = nixpkgs.alejandra;