From 79362ac33a94ff65e4723e0befb7e665a1742907 Mon Sep 17 00:00:00 2001 From: MonsterDruide1 <5958456@gmail.com> Date: Thu, 8 Jan 2026 18:32:11 +0100 Subject: [PATCH] workflow: Check NixOS setup on PRs (#856) --- .github/workflows/nix-check-setup.yml | 65 +++++++++++++++++++++++++++ flake.lock | 18 +------- flake.nix | 8 +++- 3 files changed, 72 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/nix-check-setup.yml diff --git a/.github/workflows/nix-check-setup.yml b/.github/workflows/nix-check-setup.yml new file mode 100644 index 00000000..667676fc --- /dev/null +++ b/.github/workflows/nix-check-setup.yml @@ -0,0 +1,65 @@ +name: Check and verify that setup works on NixOS +on: + push: + pull_request_target: + types: [opened, synchronize] +permissions: + contents: read + pull-requests: read + +jobs: + nixos_verify: + if: github.repository == 'MonsterDruide1/OdysseyDecomp' + runs-on: ubuntu-24.04 + steps: + - name: Check out project + uses: actions/checkout@v6 + with: + submodules: recursive + - name: Check out branch if in PR + if: ${{ github.event_name == 'pull_request_target' }} + uses: actions/checkout@v6 + with: + ref: ${{ github.event.pull_request.head.sha }} + submodules: recursive + - name: Download main.nso from secret + env: + EXEFS_SHARED_PASS: ${{ secrets.EXEFS_SHARED_PASS }} + run: curl -u "github-odyssey:$EXEFS_SHARED_PASS" https://monsterdruide.one/secrets/smo-main.nso -O + - uses: cachix/install-nix-action@v31 + - uses: DeterminateSystems/magic-nix-cache-action@v13 + - name: First check of nix flake + # catches syntax errors or misconfigurations of the flake on all systems + run: nix flake check --all-systems + - name: Try entering devshell + # causes exit code (=failure) if current system's artifact is unavailable + run: nix develop + - name: Install and setup direnv + run: | + sudo apt-get update && sudo apt-get install -y direnv + echo "export USE_NIX=true" > .envrc.private + direnv allow . + direnv export gha > "$GITHUB_ENV" + - name: Verify that latest artifact hashes are used + # checks all system's hashes being correct and up-to-date + run: | + python3 tools/nix/update_hashes.py + if [[ -n $(git status --porcelain) ]]; then + git status --porcelain + exit 1 + fi + + # test run of the project: setup, build, trigger diff + - name: Run NixOS-specific setup + run: nix run .#setup -- smo-main.nso + - name: Build project + run: tools/build.py + - name: Check viking and output of asm-differ + run: | + var="$(tools/check -mw3 nninitStartup --always-diff | cat > outfile || true)" + if [[ "$(cat outfile)" == "TARGET"* ]]; then + exit 0 + else + cat outfile + exit 1 + fi diff --git a/flake.lock b/flake.lock index 27eefb19..099dc2c3 100644 --- a/flake.lock +++ b/flake.lock @@ -52,23 +52,7 @@ "root": { "inputs": { "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs", - "systems": "systems" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" + "nixpkgs": "nixpkgs" } } }, diff --git a/flake.nix b/flake.nix index 63a6a229..943db541 100644 --- a/flake.nix +++ b/flake.nix @@ -2,13 +2,17 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; flake-parts.url = "github:hercules-ci/flake-parts"; - systems.url = "github:nix-systems/default"; }; outputs = inputs: inputs.flake-parts.lib.mkFlake { inherit inputs; } { - systems = import inputs.systems; + systems = [ + "aarch64-darwin" + "aarch64-linux" + #"x86_64-darwin" # missing tools artifact for this system + "x86_64-linux" + ]; perSystem = { system,