wiki/notebook/cloud.github-actions.org
Gabriel Arazas 8d88983e21 Update the notebook
Not all changes are here though.
2022-01-09 12:24:55 +08:00

GitHub Actions

  • a CI/CD tool integrated into GitHub
  • it is free for public repos but limited to a set amount of time per month for private repos
  • documentation for it
  • focused on creating workflows, which can be separate and applied in different contexts

    • a workflow is activated by an event
    • stored in .github/workflows in the remote repo
  • each workflow can run jobs, which are composed of steps
  • each step makes use of an action, which is basically a script; it can interact with the repo or do something else entirely without ever touching it
  • you can use already defined actions or your own
  • if you want to explore other options, the GitHub marketplace allows searching for various third-party actions

Ecosystem

  • there is also a detailed guide introducing the overall concept
  • a workflow allows you to create build artifacts; you have fine-grained control, such as uploading certain files as artifacts and downloading them after a workflow run; it also enables sharing of data between jobs
  • it can make automated releases like what I have done with one of my projects
  • it can create automated Git commits with Git Auto Commit; combined with the ability to set schedules, you can create an automatic sync following a project
  • otherwise, you can also create automated releases that have to go through a merge request; for example, this is how Simple Icons maintains its releases

Actions

  • each job is mostly built from actions
  • as previously mentioned, you can search for these actions in GitHub's marketplace
  • an action is primarily defined by the action.yml file at the root of its repo, which can also serve as documentation for its parameters
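
Since every action a step uses is a script pulled in by reference, it helps to know which references can change after you have reviewed them. The following is an added example, not part of the original notebook: a small Python check that lists each remote `uses:` reference in a workflow and reports whether it is pinned to a full commit SHA or to a movable tag or branch. The sample workflow is constructed from `uses:` lines in this page's examples; the `example-org/example-action` entry with its placeholder hash, the local action path and the FIRST_PARTY set are assumptions.

```python
import re

# Constructed sample: `uses:` lines taken from this page's workflows, plus a
# hypothetical SHA-pinned action (placeholder hash) and a hypothetical local one.
SAMPLE_WORKFLOW = """\
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2.3.4
    - uses: cachix/install-nix-action@v13
    - name: Setup cachix
      uses: cachix/cachix-action@v10
    - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
    - uses: ./.github/actions/local-check
    # - uses: commented/out@v1
    - run: nix-build
"""

# Matches `uses:` as a mapping key or as the first key of a list item.
USES_RE = re.compile(r"^[ \t]*(?:-[ \t]+)?uses:[ \t]*['\"]?([^'\"\s#]+)", re.M)
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
FIRST_PARTY = {"actions", "github"}  # assumption: owners you treat as first-party


def audit_uses(workflow_text):
    """Return one finding per remote action reference in the workflow text."""
    findings = []
    for ref in USES_RE.findall(workflow_text):
        if ref.startswith(("./", "docker://")):
            continue  # local paths and container images are not repository refs
        action, _, version = ref.partition("@")
        findings.append({
            "action": action,
            "ref": version,
            "third_party": action.split("/", 1)[0] not in FIRST_PARTY,
            # Tags and branches can be moved; only a full commit SHA is fixed.
            "pinned": FULL_SHA_RE.fullmatch(version) is not None,
        })
    return findings


def unpinned(workflow_text):
    """Names of actions referenced by a tag or branch instead of a commit SHA."""
    return [f["action"] for f in audit_uses(workflow_text) if not f["pinned"]]


if __name__ == "__main__":
    print("not pinned to a commit SHA:", unpinned(SAMPLE_WORKFLOW))
```

Run it over the files in .github/workflows and review the third-party entries first; those are the ones that receive your secrets without being under your control.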

Examples

GitHub Actions is a massive ecosystem of integrations as of 2021-07-05, so we have to look for examples in community repos from around the world.

Python version of an installation

The following block is a minimal example checking the Python version in the installation.

name: Python version
on: [push]
jobs:
  check-python-version:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
      - run: python --version

Docker container integration

In this case, we'll push an image to the docker.io registry.

name: Docker build image
on: [push]
jobs:
    docker:
        runs-on: ubuntu-latest
        steps:
            - name: Checkout
              uses: actions/checkout@v2
            - name: Set up QEMU
              uses: docker/setup-qemu-action@v1
            - name: Setup Docker Buildx
              uses: docker/setup-buildx-action@v1
            - name: Login to DockerHub
              uses: docker/login-action@v1
              with:
                  username: ${{ secrets.DOCKERHUB_USERNAME }}
                  password: ${{ secrets.DOCKERHUB_TOKEN }}
            - name: Build and push
              id: docker_build
              uses: docker/build-push-action@v2
              with:
                  push: true
                  tags: ${{ secrets.DOCKERHUB_USERNAME }}/python-helloworld:latest
                  platforms: linux/amd64,linux/arm64
            - name: Image digest
              run: echo ${{ steps.docker_build.outputs.digest }}

Building a Nix binary cache

We'll use Cachix as our binary cache service. This makes it easier to set up and distribute your own project built with the Nix package manager.

name: "Push packages into Cachix cache"
on:
  pull_request:
  push:
jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2.3.4
    - uses: cachix/install-nix-action@v13
      with:
        nix_path: nixpkgs=channel:nixos-unstable
    - uses: cachix/cachix-action@v10
      with:
        name: mycache
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
    - run: nix-build
    - run: nix-shell --run "echo OK"

Multiple jobs with matrix

We'll use the GitHub Actions workflow file from the NUR template. It is somewhat complex and does a fine job of showcasing some of GitHub Actions' features.

name: "Build and populate cache"
on:
  pull_request:
  push:
  schedule:
    # rebuild every day at 4:27
    # TIP: Choose a random time here so not all repositories are built at once:
    # https://www.random.org/clock-times/?num=1&earliest=01%3A00&latest=08%3A00&interval=5&format=html&rnd=new
    - cron:  '27 4 * * *'
jobs:
  tests:
    strategy:
      matrix:
        # Set this to notify the global nur package registry that changes are
        # available.
        #
        # The repo name as used in
        # https://github.com/nix-community/NUR/blob/master/repos.json
        nurRepo:
          - '<YOUR_NUR_REPO>'
        # Set this to cache your build results in cachix for faster builds
        # in CI and for everyone who uses your cache.
        #
        # Format: Your cachix cache host name without the ".cachix.org" suffix.
        # Example: mycache (for mycache.cachix.org)
        #
        # For this to work, you also need to set the CACHIX_SIGNING_KEY secret
        # in your repository settings in GitHub found at https://github.com/<your_githubname>/nur-packages/settings/secrets
        cachixName:
          - '<YOUR_CACHIX_NAME>'
        nixPath:
          - nixpkgs=channel:nixos-unstable
          - nixpkgs=channel:nixpkgs-unstable
          - nixpkgs=channel:nixos-21.05
    runs-on: ubuntu-latest
    steps:
    - name: Checkout repository
      uses: actions/checkout@v2.3.4
    - name: Install nix
      uses: cachix/install-nix-action@v13
      with:
        nix_path: "${{ matrix.nixPath }}"
    - name: Show nixpkgs version
      run: nix-instantiate --eval -E '(import <nixpkgs> {}).lib.version'
    - name: Setup cachix
      uses: cachix/cachix-action@v10
      if: ${{ matrix.cachixName != '<YOUR_CACHIX_NAME>' }}
      with:
        name: ${{ matrix.cachixName }}
        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
    - name: Check evaluation
      run: |
        nix-env -f . -qa \* --meta --xml \
          --allowed-uris https://static.rust-lang.org \
          --option restrict-eval true \
          --option allow-import-from-derivation true \
          --drv-path --show-trace \
          -I nixpkgs=$(nix-instantiate --find-file nixpkgs) \
          -I $PWD
    - name: Build nix packages
      # TODO switch to default nixpkgs channel once nix-build-uncached 1.0.0 is in stable
      run: nix run -I 'nixpkgs=channel:nixos-unstable' nixpkgs.nix-build-uncached -c nix-build-uncached ci.nix -A cacheOutputs
    - name: Trigger NUR update
      if: ${{ matrix.nurRepo != '<YOUR_NUR_REPO>' }}
      run: curl -XPOST "https://nur-update.herokuapp.com/update?repo=${{ matrix.nurRepo }}"