diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index cb6933a0..c2a75323 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,7 +16,13 @@ on: jobs: # This workflow contains a single job called "build" build: - runs-on: ubuntu-latest + strategy: + # fail-fast: false # TODO: @angerman do we want that? + matrix: + devshell: ['ghc8107', 'ghc902', 'ghc925', 'ghc8107-minimal', 'ghc902-minimal', 'ghc925-minimal', 'ghc8107-static-minimal', 'ghc902-static-minimal', 'ghc925-static-minimal'] + os: [ubuntu-latest, macOS-latest] + # The type of runner that the job will run on + runs-on: ${{ matrix.os }} steps: - name: Install Nix with good defaults uses: cachix/install-nix-action@v17 @@ -35,4 +41,6 @@ jobs: AWS_ACCESS_KEY_ID: ${{ secrets.KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.SECRET }} NIX_STORE_SECRET_KEY: ${{ secrets.SECRET_KEY }} + FLAKE_DEV_SHELL: ${{ matrix.devshell }} + GA_HOST_OS: ${{ matrix.os }} run: ./extra/s3-uploads.sh diff --git a/extra/s3-uploads.sh b/extra/s3-uploads.sh index 46a3f257..a9310cef 100755 --- a/extra/s3-uploads.sh +++ b/extra/s3-uploads.sh @@ -2,20 +2,12 @@ #! nix-shell -i bash -p awscli zstd set -euo pipefail -DEV_SHELLS=( - "ghc8107" - "ghc902" - "ghc925" - "ghc8107-minimal" - "ghc902-minimal" - "ghc925-minimal" - "ghc8107-static-minimal" - "ghc902-static-minimal" - "ghc925-static-minimal" -) - -# TODO: darwin builds need to run non-sandboxed ... -SYSTEMS=("x86_64-linux") # ("aarch64-darwin" "aarch64-linux" "x86_64-darwin") +if [ "$GA_HOST_OS" == "ubuntu-latest" ]; then + SYSTEMS=("x86_64-linux") # TODO: aarch64-linux +fi +if [ "$GA_HOST_OS" == "macOS-latest" ]; then + SYSTEMS=("x86_64-darwin") # TODO: aarch64-darwin +fi # `awscli` doesn't seems to provide a stateless mode :') aws configure set aws_access_key_id "${AWS_ACCESS_KEY_ID}" @@ -25,18 +17,16 @@ aws configure set aws_secret_access_key "${AWS_SECRET_ACCESS_KEY}" echo "${NIX_STORE_SECRET_KEY}" > ./secret-key for system in "${SYSTEMS[@]}"; do - for devShell in "${DEV_SHELLS[@]}"; do - DEV_SHELL="${system}.${devShell}" - FLAKE=".#devShells.${DEV_SHELL} --no-write-lock-file --refresh --system ${system} --accept-flake-config" - # shellcheck disable=SC2086 - nix build ${FLAKE} - nix store sign --key-file ./secret-key --recursive ./result - # shellcheck disable=SC2046 - nix-store --export $(nix-store -qR ./result) | zstd -z8T8 > "${DEV_SHELL}.zstd" - # shellcheck disable=SC2086 - nix print-dev-env ${FLAKE} > "${DEV_SHELL}.sh" - aws --endpoint-url https://s3.zw3rk.com s3 cp "./${DEV_SHELL}.zstd" s3://devx/ - aws --endpoint-url https://s3.zw3rk.com s3 cp "./${DEV_SHELL}.sh" s3://devx/ - rm result - done + DEV_SHELL="${system}.${FLAKE_DEV_SHELL}" + FLAKE=".#devShells.${DEV_SHELL} --no-write-lock-file --refresh --system ${system} --accept-flake-config" + # shellcheck disable=SC2086 + nix build ${FLAKE} + nix store sign --key-file ./secret-key --recursive ./result + # shellcheck disable=SC2046 + nix-store --export $(nix-store -qR ./result) | zstd -z8T8 > "${DEV_SHELL}.zstd" + # shellcheck disable=SC2086 + nix print-dev-env ${FLAKE} > "${DEV_SHELL}.sh" + aws --endpoint-url https://s3.zw3rk.com s3 cp "./${DEV_SHELL}.zstd" s3://devx/ + aws --endpoint-url https://s3.zw3rk.com s3 cp "./${DEV_SHELL}.sh" s3://devx/ + rm result done