bos55-nix-config-cicd/.github/workflows/build.yml
Tibo De Peuter c55843ffa7
Some checks failed
Check / check (push) Failing after 2s
feat(ci): implement signed commit verification and update security policy
Added a CI/CD step to verify cryptographic signatures for deployments. Updated SECURITY.md with the new trust model and refined GHA workflows for consistency.
2026-03-17 18:43:21 +01:00

name: Build

on:
  push:
    branches:
      - main
      - 'test-*'
  pull_request:

jobs:
  # Job to find all hosts that should be built
  get-hosts:
    runs-on: ubuntu-latest
    container: catthehacker/ubuntu:act-24.04
    outputs:
      hosts: ${{ steps.set-hosts.outputs.hosts }}
    steps:
      - uses: actions/checkout@v4
      - name: Install Nix
        uses: cachix/install-nix-action@v27
      - id: set-hosts
        run: |
          # Extract host names from nixosConfigurations
          HOSTS=$(nix eval .#nixosConfigurations --apply "builtins.attrNames" --json)
          echo "hosts=$HOSTS" >> "$GITHUB_OUTPUT"

  # Build every host found by get-hosts, one matrix entry per host
  build:
    needs: get-hosts
    runs-on: ubuntu-latest
    container: catthehacker/ubuntu:act-24.04
    strategy:
      fail-fast: false
      matrix:
        host: ${{ fromJson(needs.get-hosts.outputs.hosts) }}
    steps:
      - uses: actions/checkout@v4
      - name: Install Nix
        uses: cachix/install-nix-action@v27
      - name: Build NixOS configuration
        env:
          # Host names come from the checked-out flake, which a pull request
          # can change, so pass the value through the environment rather than
          # expanding it into the script text.
          HOST: ${{ matrix.host }}
        run: nix build ".#nixosConfigurations.${HOST}.config.system.build.toplevel"