flake: add check for NUR reproducibility
This commit is contained in:
parent
71f6ac0f46
commit
b7f88d78b5
GPG Key ID:
A498C7AF27EC6B5C
1
.github/workflows/build.yml
vendored
1
.github/workflows/build.yml
vendored
@ -10,6 +10,7 @@ jobs:
|
|||||||
check:
|
check:
|
||||||
- nixpkgs-fmt
|
- nixpkgs-fmt
|
||||||
- deadnix
|
- deadnix
|
||||||
|
- nur
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout repository
|
- name: Checkout repository
|
||||||
|
|||||||
12
flake.nix
12
flake.nix
@ -33,6 +33,18 @@
|
|||||||
deadnix = pkgs.writeShellScriptBin "deadnix-check" ''
|
deadnix = pkgs.writeShellScriptBin "deadnix-check" ''
|
||||||
${pkgs.deadnix}/bin/deadnix --fail .
|
${pkgs.deadnix}/bin/deadnix --fail .
|
||||||
'';
|
'';
|
||||||
|
# Ensures that the NUR bot can evaluate and find all our packages.
|
||||||
|
# Normally we'd also run with `--option restrict-eval true`, but
|
||||||
|
# this is incompatible with flakes because reasons.
|
||||||
|
nur = pkgs.writeShellScriptBin "nur-check" ''
|
||||||
|
nix-env -f . -qa \* --meta \
|
||||||
|
--allowed-uris https://static.rust-lang.org \
|
||||||
|
--option allow-import-from-derivation true \
|
||||||
|
--drv-path --show-trace \
|
||||||
|
-I nixpkgs=$(nix-instantiate --find-file nixpkgs) \
|
||||||
|
-I ./ \
|
||||||
|
--json | ${pkgs.jq}/bin/jq -r 'values | .[].name'
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
devShells.ci = pkgs.mkShellNoCC {
|
devShells.ci = pkgs.mkShellNoCC {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user