Support the MacOS sandbox for larger projects #873
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Run test suite" | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| push: | |
| branches: | |
| - 'master' | |
| - 'ci*' # Allow testing CI fixes without opening a PR | |
| permissions: | |
| contents: read | |
| jobs: | |
| tests-pass: | |
| name: all systems go | |
| runs-on: ubuntu-latest | |
| if: ${{ always() && contains(needs.*.result, 'failure') }} | |
| steps: | |
| - run: exit 1 | |
| needs: | |
| - check-dead-code | |
| - check-fmt | |
| - examples | |
| - tests | |
| tests: | |
| strategy: | |
| # Allow other jobs to finish building and cache properly before bailing | |
| fail-fast: false | |
| matrix: | |
| include: | |
| # Latest and greatest release of Nix | |
| - install_url: https://nixos.org/nix/install | |
| # The 23.11 branch ships with Nix 2.18.1 | |
| - install_url: https://releases.nixos.org/nix/nix-2.18.1/install | |
| nixpkgs-override: "--override-input nixpkgs $(./ci/ref-from-lock.sh ./test#nixpkgs)" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v24 | |
| with: | |
| install_url: ${{ matrix.install_url }} | |
| - uses: cachix/cachix-action@v13 | |
| with: | |
| name: crane | |
| authToken: ${{ github.ref == 'refs/heads/master' && secrets.CACHIX_AUTH_TOKEN || '' }} | |
| - name: flake checks | |
| run: nix develop --accept-flake-config --command ./ci/fast-flake-check.sh . ${{ matrix.nixpkgs-override }} | |
| - name: extra tests | |
| run: nix develop --accept-flake-config ${{ matrix.nixpkgs-override }} --command ./extra-tests/test.sh | |
| examples: | |
| strategy: | |
| # Allow other jobs to finish building and cache properly before bailing | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - os: ubuntu-latest | |
| # Latest and greatest release of Nix | |
| install_url: https://nixos.org/nix/install | |
| nixpkgs: ".#nixpkgs" | |
| - os: ubuntu-latest | |
| # The 23.11 branch ships with Nix 2.18.1 | |
| install_url: https://releases.nixos.org/nix/nix-2.18.1/install | |
| nixpkgs: "./test#nixpkgs" | |
| - os: macos-12 | |
| # Latest and greatest release of Nix | |
| install_url: https://nixos.org/nix/install | |
| nixpkgs: "./test#nixpkgs-darwin" | |
| filter: "-not -name build-std -not -name cross-musl -not -name cross-rust-overlay" | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v24 | |
| with: | |
| install_url: ${{ matrix.install_url }} | |
| - uses: cachix/cachix-action@v13 | |
| with: | |
| name: crane | |
| authToken: ${{ github.ref == 'refs/heads/master' && secrets.CACHIX_AUTH_TOKEN || '' }} | |
| - name: validate examples | |
| # Nix won't write a lockfile when --override-input is used (which is good because it will | |
| # complain that the lock file is .gitignored), but nix-eval-jobs doesn't, so we'll have to | |
| # "opt-out" of our lockfile .gitignore | |
| run: | | |
| rm ./examples/.gitignore | |
| nix develop .# --accept-flake-config --command bash -c ' | |
| for f in $(find ./examples -maxdepth 1 -mindepth 1 -type d ${{ matrix.filter }} | sort -u); do | |
| ./ci/check-example.sh "${f}" ${{ matrix.nixpkgs }} | |
| done | |
| ' | |
| check-dead-code: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v24 | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| - name: check for dead code | |
| run: nix run github:astro/deadnix -- . | |
| check-fmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v24 | |
| - uses: DeterminateSystems/magic-nix-cache-action@main | |
| - name: check formatting | |
| run: nix fmt --accept-flake-config -- --check . |