grapheneos: don't ask to opt into security preview releases #1119
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-FileCopyrightText: 2020 Daniel Fullmer and robotnix contributors | |
| # SPDX-License-Identifier: MIT | |
| name: "Basic Tests" | |
| on: | |
| pull_request: | |
| push: | |
| jobs: | |
| nix-instantiate: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2.3.5 | |
| - uses: cachix/install-nix-action@v31.1.0 | |
| with: | |
| extra_nix_config: | | |
| experimental-features = nix-command flakes | |
| - run: | | |
| # TODO use nix-eval-jobs again when we have it cached | |
| nix-instantiate --option allow-import-from-derivation false --show-trace ./release.nix | tee eval.json | |
| jq -c 'select(.error)' eval.json | tee errors.json | |
| if [[ "$(wc -l < errors.json)" > 0 ]]; then exit 1; fi | |
| robotnix-eval-tests: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2.3.5 | |
| - uses: cachix/install-nix-action@v31.1.0 | |
| - run: | | |
| OUTPUT=$(nix-instantiate --eval --strict tests/eval.nix) | |
| if [[ "$OUTPUT" != "[ ]" ]]; then | |
| echo "Instantiation tests failed:" | |
| echo $OUTPUT | |
| fi | |
| nixos-tests: | |
| runs-on: ubuntu-latest | |
| # attestation server is broken | |
| if: false | |
| steps: | |
| - uses: actions/checkout@v2.3.5 | |
| - uses: cachix/install-nix-action@v31.1.0 | |
| with: | |
| extra_nix_config: | | |
| system-features = nixos-test benchmark big-parallel kvm | |
| - uses: cachix/cachix-action@v10 | |
| with: | |
| name: robotnix | |
| - run: nix-build ./release.nix -A tests | |
| flake: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| # Nix Flakes doesn't work on shallow clones | |
| fetch-depth: 0 | |
| - uses: cachix/install-nix-action@v31.1.0 | |
| with: | |
| extra_nix_config: | | |
| experimental-features = nix-command flakes | |
| - run: | | |
| nix flake check --show-trace | |
| export ORIG_DIR=$PWD | |
| cd $(mktemp -d) | |
| nix flake init -t $ORIG_DIR | |
| nix flake check --override-input robotnix $ORIG_DIR --show-trace | |
| checks: | |
| runs-on: ubuntu-latest | |
| # FIXME python-based updaters don't pass the checks | |
| if: false | |
| steps: | |
| - uses: actions/checkout@v2.3.5 | |
| - uses: cachix/install-nix-action@v31.1.0 | |
| - uses: cachix/cachix-action@v10 | |
| with: | |
| name: robotnix | |
| - run: nix-shell --run ./scripts/check.sh |