.github/workflows/ci.yml

name: CI

on:
  pull_request:
  merge_group:
  push:
    branches:
      - "master"

concurrency:
  group: ${{ github.repository }}-${{ github.workflow }}
  cancel-in-progress: false

jobs:
  nix-matrix:
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.set-matrix.outputs.matrix }}
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v27
      - id: set-matrix
        name: Generate Nix Matrix
        run: |
          set -euo pipefail

          matrix="$(nix eval --json '.#githubActions.matrix')"
          echo "matrix=${matrix}" >> "$GITHUB_OUTPUT"

  nix-build:
    needs: nix-matrix
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      max-parallel: 10
      matrix: ${{ fromJSON(needs.nix-matrix.outputs.matrix) }}
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v27
      - uses: cachix/cachix-action@v15
        with:
          name: poetry2nix
          authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }}
      - run: nix build -L ".#${{ matrix.attr }}" --keep-going

  nix-build-shell:
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - macos-13
          - macos-14
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v27
      - uses: cachix/cachix-action@v15
        with:
          name: poetry2nix
          authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }}
      - name: compute system from nixpkgs
        run: |
          echo "NIXPKGS_SYSTEM=$(nix eval --raw 'nixpkgs#system')" >> "$GITHUB_ENV"
      - run: nix build -L ".#devShells.${NIXPKGS_SYSTEM}.default" --keep-going

  nix-flake-show:
    # ensure flake-exposed endpoints (apps, packages, devShells) are of correct types
    # (something like apps.${SYSTEM}.<app> can be hard to get right)
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - macos-13
          - macos-14
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v27
      - uses: cachix/cachix-action@v15
        with:
          name: poetry2nix
          authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }}
      - run: nix flake show --all-systems

  test-template:
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - macos-13
          - macos-14
    steps:
      - uses: actions/checkout@v4
      - uses: cachix/install-nix-action@v27
      - uses: cachix/cachix-action@v15
        with:
          name: poetry2nix
          authToken: ${{ secrets.POETRY2NIX_CACHIX_AUTH_TOKEN }}

      - name: create flake template test directory
        run: echo "TESTDIR=$(mktemp -d)" >> "$GITHUB_ENV"

      - name: initialize flake from poetry2nix template
        working-directory: ${{ env.TESTDIR }}
        run: nix flake init --template "$GITHUB_WORKSPACE"

      - name: force flake to our poetry2nix version
        working-directory: ${{ env.TESTDIR }}
        run: nix flake lock --override-input poetry2nix "$GITHUB_WORKSPACE"

      - name: generate poetry.lock
        working-directory: ${{ env.TESTDIR }}
        run: nix develop '.#poetry' -c poetry lock --no-update

      - name: create a minimal python package
        working-directory: ${{ env.TESTDIR }}
        run: |
          touch README.md
          mkdir poetry2nix_template_test
          touch poetry2nix_template_test/__init__.py

      - name: build the flake
        working-directory: ${{ env.TESTDIR }}
        run: nix build --keep-going -L --show-trace

  collect:
    runs-on: ubuntu-latest
    needs:
      - nix-build
      - nix-build-shell
      - test-template
      - nix-flake-show
    steps:
      - run: exit 0

  release:
    if: github.ref == 'refs/heads/master'
    needs: collect
    name: "Release"
    runs-on: "ubuntu-latest"
    permissions:
      contents: write
      pull-requests: read
    steps:
      - uses: actions/checkout@v4
      - name: "Generate tag"
        id: tag
        run: echo "tag=$(./tools/auto_version.py)" >> "$GITHUB_OUTPUT"
      - uses: "marvinpinto/action-automatic-releases@latest"
        with:
          repo_token: "${{ secrets.GITHUB_TOKEN }}"
          automatic_release_tag: "${{ steps.tag.outputs.tag }}"
          prerelease: false