Mystara/refraction
1
0
Fork 0
Code Activity Actions 1

Inital bot files
Some checks failed
CI / Build (ubuntu-latest) (push) Waiting to run
Details
CI / Build (windows-latest) (push) Waiting to run
Details
CI / Flake checks (push) Waiting to run
Details
CI / CI Release gate (push) Blocked by required conditions
Details
Docker / Build image (push) Waiting to run
Details
Docker / Docker Release gate (push) Blocked by required conditions
Details
Docker / Push image (push) Blocked by required conditions
Details
Clippy / Run scan (push) Has been cancelled
Details

Browse source
This commit is contained in:
Mystara 2025-07-07 23:27:18 -05:00
commit 6bac95dce6
91 changed files with 4422 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

79
.github/workflows/ci.yml vendored Normal file
View file

@ -0,0 +1,79 @@
name: CI
on:
push:
branches: [main]
pull_request:
workflow_dispatch:
jobs:
build:
name: Build (${{ matrix.os }})
strategy:
fail-fast: false
matrix:
include:
- os: ubuntu-latest
use-nix: true
- os: windows-latest
use-nix: false
runs-on: ${{ matrix.os }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Rust
if: ${{ !matrix.use-nix }}
uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Install Nix
if: ${{ matrix.use-nix }}
uses: DeterminateSystems/nix-installer-action@v17
- name: Setup Nix cache
if: ${{ matrix.use-nix }}
uses: DeterminateSystems/magic-nix-cache-action@v9
- name: Build
if: ${{ !matrix.use-nix }}
run: cargo build --locked
- name: Build
if: ${{ matrix.use-nix }}
run: nix build --print-build-logs .#refraction-debug
flake:
name: Flake checks
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v17
- name: Setup Nix cache
uses: DeterminateSystems/magic-nix-cache-action@v9
- name: Run checks
run: |
nix flake check --print-build-logs --show-trace
# Make sure all above jobs finished successfully
release-gate:
name: CI Release gate
needs: [build, flake]
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: Exit with error
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: exit 1

47
.github/workflows/clippy.yml vendored Normal file
View file

@ -0,0 +1,47 @@
name: Clippy
on:
push:
branches: [main]
paths:
- 'Cargo.toml'
- 'Cargo.lock'
- '**.rs'
pull_request:
paths:
- 'Cargo.toml'
- 'Cargo.lock'
- '**.rs'
workflow_dispatch:
jobs:
clippy:
name: Run scan
runs-on: ubuntu-latest
permissions:
security-events: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v17
- name: Setup Nix cache
uses: DeterminateSystems/magic-nix-cache-action@v9
- name: Generate sarif report
id: clippy-run
run: |
nix build --print-build-logs .#clippy-report
[ -L result ] || exit 1
echo "sarif-file=$(readlink -f result)" >> "$GITHUB_OUTPUT"
- name: Upload results
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.clippy-run.outputs.sarif-file }}
wait-for-processing: true

115
.github/workflows/docker.yml vendored Normal file
View file

@ -0,0 +1,115 @@
name: Docker
on:
push:
branches: [main]
pull_request:
workflow_dispatch:
jobs:
build:
name: Build image
strategy:
fail-fast: false
matrix:
arch: [amd64, arm64]
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v17
- name: Setup Nix cache
uses: DeterminateSystems/magic-nix-cache-action@v9
- name: Build Docker image
id: build
env:
ARCH: ${{ matrix.arch }}
run: |
nix build --print-build-logs .#container-"$ARCH"
[ ! -L result ] && exit 1
echo "path=$(readlink -f result)" >> "$GITHUB_OUTPUT"
- name: Upload image
uses: actions/upload-artifact@v4
with:
name: container-${{ matrix.arch }}
path: ${{ steps.build.outputs.path }}
if-no-files-found: error
retention-days: 3
# Make sure all above jobs finished successfully
release-gate:
name: Docker Release gate
needs: [build]
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: Exit with error
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: exit 1
push:
name: Push image
needs: build
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
permissions:
packages: write
env:
REGISTRY: ghcr.io
USERNAME: ${{ github.actor }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Determine image name
run: |
echo "IMAGE_NAME=${REPOSITORY,,}" >> "$GITHUB_ENV"
env:
REPOSITORY: ${{ github.repository }}
- name: Download images
uses: actions/download-artifact@v4
with:
path: images
- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ env.USERNAME }}
password: ${{ github.token }}
- name: Push to registry
env:
TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
run: |
set -eu
architectures=("amd64" "arm64")
for arch in "${architectures[@]}"; do
docker load < images/container-"$arch"/*.tar.gz
docker tag refraction:latest-"$arch" "$TAG"-"$arch"
docker push "$TAG"-"$arch"
done
docker manifest create "$TAG" \
--amend "$TAG"-amd64 \
--amend "$TAG"-arm64
docker manifest push "$TAG"

36
.github/workflows/update-flake.yml vendored Normal file
View file

@ -0,0 +1,36 @@
name: Update flake.lock
on:
schedule:
# run every saturday
- cron: '0 0 * * 6'
workflow_dispatch:
jobs:
update:
name: Run update
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@v17
- name: Update flake.lock
id: update
uses: DeterminateSystems/update-flake-lock@v25
with:
pr-title: 'nix: update flake.lock'
- name: Enable Pull Request Automerge
uses: peter-evans/enable-pull-request-automerge@v3
with:
pull-request-number: ${{ steps.update.outputs.pull-request-number }}
merge-method: rebase
github-token: ${{ secrets.AUTOMATA_TOKEN }}