
Determinate CI is the one-stop shop for effortless Nix CI in GitHub Actions.


DeterminateSystems/ci


Determinate CI

The one-stop shop for effortless Nix CI in GitHub Actions.

Status: The Determinate CI workflow is an experiment. It may change significantly without warning. Please feel free to try it out, report bugs, and let us know how it goes in our Discord! Stabilization to follow.

Usage

Create a workflow in your project at .github/workflows/ci.yml, and copy in this text:

on:
  pull_request:
  workflow_dispatch:
  push:
    branches:
      - main
      - master
    tags:
      - "v?[0-9]+.[0-9]+.[0-9]+*"

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  DeterminateCI:
    uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
    permissions:
      id-token: "write"
      contents: "read"

And you're done. You'll get something like this:

[image]

Publishing to FlakeHub

Publish to FlakeHub on every push to the default branch, and every tag. Specify the flake's visibility:

on:
  pull_request:
  workflow_dispatch:
  push:
    branches:
      - main
      - master
    tags:
      - "v?[0-9]+.[0-9]+.[0-9]+*"

concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true

jobs:
  DeterminateCI:
    uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
    permissions:
      id-token: "write"
      contents: "read"
    with:
      visibility: public

Advanced Usage

Custom Runner Types

The default runner map uses ubuntu-latest for x86 Linux, and macos-latest for macOS. Take advantage of larger GitHub runners by providing a custom runner map:

jobs:
  DeterminateCI:
    uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
    permissions:
      id-token: "write"
      contents: "read"
    with:
      runner-map: |
        {
          "aarch64-darwin": "macos-latest-xlarge",
          "aarch64-linux": "UbuntuLatest32Cores128GArm",
          "i686-linux": "UbuntuLatest32Cores128G",
          "x86_64-darwin": "macos-latest-xlarge",
          "x86_64-linux": "UbuntuLatest32Cores128G"
        }

SSH Private Keys

Configure an SSH agent with a secret private key for private repository support.

jobs:
  DeterminateCI:
    uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
    permissions:
      id-token: "write"
      contents: "read"
    with:
      enable-ssh-agent: true
    secrets:
      ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
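
An added example, not part of the Determinate CI repository: a small Python check for a caller workflow like the ones above. It reports when `uses:` points at a branch or tag rather than a full commit SHA while the job grants a write scope or passes a secret, and verifies that `runner-map` is a JSON object of non-empty strings. The `audit` function, the finding names, and the regex-based parsing (one job per file, as in these snippets) are assumptions of this example.

```python
import json
import re

# Constructed sample: the SSH-agent and runner-map snippets from this README, merged into one job.
SAMPLE = '''\
jobs:
  DeterminateCI:
    uses: DeterminateSystems/ci/.github/workflows/workflow.yml@main
    permissions:
      id-token: "write"
      contents: "read"
    with:
      enable-ssh-agent: true
      runner-map: |
        {
          "x86_64-linux": "UbuntuLatest32Cores128G"
        }
    secrets:
      ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
'''

USES = re.compile(r'^\s*uses:\s*(\S+)@(\S+)\s*$', re.M)
FULL_SHA = re.compile(r'^[0-9a-f]{40}$')
WRITE = re.compile(r'^\s*([\w-]+):\s*"?write"?\s*$', re.M)
SECRET = re.compile(r'\$\{\{\s*secrets\.(\w+)\s*\}\}')
RUNNER_MAP = re.compile(r'^( *)runner-map:[ \t]*\|[ \t]*\n((?:\1 +.*\n|[ \t]*\n)+)', re.M)


def audit(text):
    """Return a list of findings for one caller-workflow file (hypothetical helper)."""
    findings = []
    for target, ref in USES.findall(text):
        if not FULL_SHA.match(ref):
            findings.append(f"mutable-ref: {target}@{ref}")
            # With a mutable ref, the called code can change under the grants below.
            findings += [f"write-scope-with-mutable-ref: {s}" for s in WRITE.findall(text)]
            findings += [f"secret-with-mutable-ref: {n}" for n in SECRET.findall(text)]
    m = RUNNER_MAP.search(text)
    if m:
        try:
            mapping = json.loads(m.group(2))  # the block scalar must itself be JSON
            if not isinstance(mapping, dict):
                raise ValueError("runner-map is not a JSON object")
            findings += [f"runner-map-bad-label: {k}" for k, v in mapping.items()
                         if not (isinstance(v, str) and v)]
        except ValueError:  # json.JSONDecodeError is a ValueError subclass
            findings.append("runner-map-not-json-object")
    return findings
```

Run `audit(open(".github/workflows/ci.yml").read())` in a review step; an empty list means the reference is pinned to a full commit SHA and the runner map parses.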

Notes

This workflow uses a collection of GitHub Actions by Determinate Systems, which are covered by the Determinate Systems privacy policy and terms of service.
