@@ -83,16 +83,30 @@ jobs:
8383 fetch_cmd_aarch64-linux : ${{ steps.report.outputs.fetch_cmd_aarch64-linux }}
8484 fetch_cmd_x86_64-darwin : ${{ steps.report.outputs.fetch_cmd_x86_64-darwin }}
8585 fetch_cmd_aarch64-darwin : ${{ steps.report.outputs.fetch_cmd_aarch64-darwin }}
86+
8687 steps :
8788 - name : prepare /nix
8889 run : sudo mkdir /mnt/nix && sudo mount -m -o bind /mnt/nix /nix
8990 if : ${{ matrix.system == 'x86_64-linux' || matrix.system == 'aarch64-linux' }}
91+
9092 - name : install nix
9193 uses : DeterminateSystems/nix-installer-action@v16
94+
95+ - name : install packages
96+ run : |
97+ pkgs=(coreutils nixpkgs-review)
98+ if [[ ${{ inputs.attic && vars.ATTIC_SERVER != '' && vars.ATTIC_CACHE != '' }} = true ]]; then
99+ pkgs+=(attic-client)
100+ fi
101+ args=()
102+ for pkg in ${pkgs[@]}; do args+=("github:nixos/nixpkgs/nixos-unstable#$pkg"); done
103+ nix profile install ${args[@]}
104+
92105name : clone nixpkgs
93106 uses : actions/checkout@v4
94107 with :
95108 repository : NixOS/nixpkgs
109+
96110 - name : wait for upstream eval
97111 if : ${{ inputs.upstream-eval-timeout > 0 && !inputs.local-eval }}
98112 env :
@@ -108,9 +122,10 @@ jobs:
108122 if [[ "$status" = "SUCCESS" ]]; then break; fi
109123 sleep 10
110124 done
125+
111126name : run nixpkgs-review
112127 run : |
113- nix run github:nixos/nixpkgs/nixos-unstable# nixpkgs-review -- \
128+ nixpkgs-review -- \
114129 pr ${{ inputs.pr }} \
115130 --eval ${{ inputs.local-eval && 'local' || 'auto' }} \
116131 --no-shell \
@@ -120,16 +135,15 @@ jobs:
120135 || true
121136env :
122137 GITHUB_TOKEN : ${{ github.token }}
138+
123139 - name : push results to attic
124140 if : ${{ inputs.attic && vars.ATTIC_SERVER != '' && vars.ATTIC_CACHE != '' }}
125141 run : |
126142 set -ex
127- attic=$(nix build --no-link --print-out-paths github:nixos/nixpkgs/nixos-unstable#attic-client)/bin/attic
128- realpath=$(nix build --no-link --print-out-paths github:nixos/nixpkgs/nixos-unstable#coreutils)/bin/realpath
129- $attic login default "$ATTIC_SERVER" "$ATTIC_TOKEN"
130- $attic cache info "$ATTIC_CACHE"
131- ($realpath -qe ~/.cache/nixpkgs-review/pr-${{ inputs.pr }}/results/* || true) > paths
132- $attic push --stdin "$ATTIC_CACHE" < paths
143+ attic login default "$ATTIC_SERVER" "$ATTIC_TOKEN"
144+ attic cache info "$ATTIC_CACHE"
145+ (realpath -qe ~/.cache/nixpkgs-review/pr-${{ inputs.pr }}/results/* || true) > paths
146+ attic push --stdin "$ATTIC_CACHE" < paths
133147 info=$(curl -f -H "Authorization: Bearer ${ATTIC_TOKEN}" "${ATTIC_SERVER}_api/v1/cache-config/${ATTIC_CACHE}")
134148 substituter_endpoint=$(jq -r .substituter_endpoint <<< "$info")
135149 public_key=$(jq -r .public_key <<< "$info")
@@ -151,28 +165,30 @@ jobs:
151165 ATTIC_SERVER : ${{ vars.ATTIC_SERVER }}
152166 ATTIC_CACHE : ${{ vars.ATTIC_CACHE }}
153167 ATTIC_TOKEN : ${{ secrets.ATTIC_TOKEN }}
168+
154169 - name : start upterm session
155170 if : ${{ inputs.upterm }}
156171 uses : owenthereal/action-upterm@v1
157172 with :
158173 limit-access-to-actor : true
174+
159175 - name : generate report
160176 id : report
161177 run : |
162- base64=$(nix build --no-link --print-out-paths github:nixos/nixpkgs/nixos-unstable#coreutils)/bin/base64
163178 if [[ -s fetch_cmd ]]; then
164179 cat fetch_cmd
165- echo fetch_cmd_${{ matrix.system }}=$($ base64 -w0 fetch_cmd) >> "$GITHUB_OUTPUT"
180+ echo fetch_cmd_${{ matrix.system }}=$(base64 -w0 fetch_cmd) >> "$GITHUB_OUTPUT"
166181 fi
167182 report=~/.cache/nixpkgs-review/pr-${{ inputs.pr }}/report.md
168183 cat $report
169- echo report_${{ matrix.system }}=$($ base64 -w0 $report) >> "$GITHUB_OUTPUT"
184+ echo report_${{ matrix.system }}=$(base64 -w0 $report) >> "$GITHUB_OUTPUT"
170185
171186report :
172187 runs-on : ubuntu-latest
173188 needs : [review]
174189 outputs :
175190 report : ${{ steps.report.outputs.report }}
191+
176192 steps :
177193 - name : generate report
178194 id : report
@@ -214,9 +230,11 @@ jobs:
214230 needs : [report]
215231 if : ${{ inputs.post-result }}
216232 environment : post-result
233+
217234 steps :
218235 - name : fetch report
219236 run : echo ${{ needs.report.outputs.report }} | base64 -d > report.md
237+
220238 - name : post comment
221239 run : |
222240 if [[ -n "$GH_TOKEN" ]]; then
0 commit comments