chore(deps): update rust crate mio to v1 - autoclosed #472
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: nix | |
| on: | |
| pull_request: | |
| branches: [ "main" ] | |
| push: | |
| branches: [ "main" ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| extraPullNames: vault-auth-tee | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - run: nix flake check -L --show-trace --keep-going | |
| build: | |
| needs: check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| extraPullNames: vault-auth-tee | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - name: nix build | |
| run: nix run github:nixos/nixpkgs/nixos-23.11#nixci | |
| push_to_docker: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.config.nixpackage }} | |
| cancel-in-progress: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| config: | |
| - { nixpackage: 'container-vault-sgx-azure' } | |
| - { nixpackage: 'container-vault-unseal-sgx-azure' } | |
| - { nixpackage: 'container-vault-admin-sgx-azure' } | |
| - { nixpackage: 'container-vault-unseal' } | |
| - { nixpackage: 'container-vault-admin' } | |
| - { nixpackage: 'container-self-attestation-test-sgx-dcap' } | |
| - { nixpackage: 'container-self-attestation-test-sgx-azure' } | |
| - { nixpackage: 'container-verify-attestation-sgx' } | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| extraPullNames: vault-auth-tee | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USER }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Load container | |
| id: build | |
| run: | | |
| nix build --accept-flake-config -L .#${{ matrix.config.nixpackage }} | |
| export IMAGE_TAG=$(docker load < result | grep -Po 'Loaded image.*: \K.*') | |
| echo "IMAGE_TAG=${IMAGE_TAG}" >> "$GITHUB_OUTPUT" | |
| echo "IMAGE_NAME=${IMAGE_TAG%:*}" >> "$GITHUB_OUTPUT" | |
| - name: Push container | |
| run: | | |
| echo "Pushing image ${{ steps.build.outputs.IMAGE_TAG }} to Docker Hub" | |
| docker tag "${{ steps.build.outputs.IMAGE_TAG }}" matterlabsrobot/"${{ steps.build.outputs.IMAGE_TAG }}" | |
| docker push matterlabsrobot/"${{ steps.build.outputs.IMAGE_TAG }}" | |
| - name: Tag container as latest | |
| if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} | |
| run: | | |
| docker tag "${{ steps.build.outputs.IMAGE_TAG }}" matterlabsrobot/"${{ steps.build.outputs.IMAGE_NAME }}:latest" | |
| docker push matterlabsrobot/"${{ steps.build.outputs.IMAGE_NAME }}:latest" | |
| - name: Generate build ID for Flux Image Automation | |
| if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} | |
| id: buildid | |
| run: | | |
| sha=$(git rev-parse --short HEAD) | |
| ts=$(date +%s%N | cut -b1-13) | |
| echo "BUILD_ID=${sha}-${ts}" >> "$GITHUB_OUTPUT" | |
| - name: Push Docker image to matterlabs-infra | |
| if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} | |
| run: | | |
| docker tag "${{ steps.build.outputs.IMAGE_TAG }}" matterlabsrobot/"${{ steps.build.outputs.IMAGE_NAME }}:${{ steps.buildid.outputs.BUILD_ID }}" | |
| docker push matterlabsrobot/"${{ steps.build.outputs.IMAGE_NAME }}:${{ steps.buildid.outputs.BUILD_ID }}" |