[devbox add] --allow-insecure should handle multiple, user-specified packages #4975
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: cli-tests | |
# Runs the Devbox CLI tests | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
on: | |
pull_request: | |
push: | |
branches: | |
- main | |
merge_group: | |
branches: | |
- main | |
workflow_call: | |
inputs: | |
run-mac-tests: | |
type: boolean | |
workflow_dispatch: | |
inputs: | |
run-mac-tests: | |
type: boolean | |
# run the example tests with DEVBOX_DEBUG=1 | |
example-debug: | |
type: boolean | |
permissions: | |
contents: read | |
pull-requests: read | |
defaults: | |
run: | |
# Explicitly setting the shell to bash runs commands with | |
# `bash --noprofile --norc -eo pipefail` instead of `bash -e`. | |
shell: bash | |
env: | |
HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
DEVBOX_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
HOMEBREW_NO_ANALYTICS: 1 | |
HOMEBREW_NO_AUTO_UPDATE: 1 | |
HOMEBREW_NO_EMOJI: 1 | |
HOMEBREW_NO_ENV_HINTS: 1 | |
HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
DEVBOX_DEBUG: 1 | |
jobs: | |
build-devbox: | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: ./go.mod | |
- name: Build devbox | |
run: go build -o dist/devbox ./cmd/devbox | |
- name: Upload devbox artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: devbox-${{ runner.os }}-${{ runner.arch }} | |
path: ./dist/devbox | |
retention-days: 7 | |
typos: | |
name: Spell Check with Typos | |
if: github.ref != 'refs/heads/main' | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: crate-ci/typos@v1.16.26 | |
golangci-lint: | |
needs: build-devbox | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@v3 | |
# We can remove this once we fix nix golangci-lint issue and move to devbox | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: ./go.mod | |
cache: false | |
# This can be reanabled once released version supports runx | |
# and we can remove needs: build-devbox | |
# - name: Install devbox | |
# uses: jetpack-io/devbox-install-action@v0.7.0 | |
# with: | |
# enable-cache: true | |
- name: Mount golang cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.cache/golangci-lint | |
~/.cache/go-build | |
~/go/pkg | |
key: go-${{ runner.os }}-${{ hashFiles('go.sum') }} | |
- name: Download devbox | |
uses: actions/download-artifact@v3 | |
with: | |
name: devbox-${{ runner.os }}-${{ runner.arch }} | |
- name: Add devbox to path | |
run: | | |
chmod +x ./devbox | |
sudo mv ./devbox /usr/local/bin/ | |
- run: devbox run lint | |
test: | |
needs: build-devbox | |
strategy: | |
matrix: | |
is-main: | |
- ${{ github.ref == 'refs/heads/main' && 'is-main' || 'not-main' }} | |
os: [ubuntu-latest, macos-latest] | |
# This is an optimization that runs tests twice, with and without | |
# the devbox.json tests. We can require the other tests to complete before | |
# merging, while keeping the others as an additional non-required signal | |
run-project-tests: ["project-tests", "project-tests-off"] | |
# Run tests on: | |
# 1. the oldest supported nix version (which is 2.9.0? But determinate-systems installer has 2.12.0) | |
# 2. latest nix version | |
nix-version: ["2.12.0", "2.19.2"] | |
exclude: | |
- is-main: "not-main" | |
os: "${{ inputs.run-mac-tests && 'dummy' || 'macos-latest' }}" | |
- is-main: "is-main" | |
run-project-tests: "project-tests-off" | |
- run-project-tests: "project-tests" | |
os: macos-latest | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 37 | |
steps: | |
- name: Maximize build disk space | |
uses: easimon/maximize-build-space@v8 | |
if: matrix.os == 'ubuntu-latest' | |
with: | |
root-reserve-mb: 40000 | |
temp-reserve-mb: 10000 | |
remove-dotnet: true | |
remove-android: true | |
remove-haskell: true | |
remove-codeql: true | |
- uses: actions/checkout@v3 | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: ./go.mod | |
- name: Mount golang cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
~/.cache/go-build | |
~/go/pkg | |
key: go-devbox-tests-${{ runner.os }}-${{ hashFiles('go.sum') }} | |
- name: Install additional shells (dash, zsh) | |
run: | | |
if [ "$RUNNER_OS" == "Linux" ]; then | |
sudo apt-get update | |
sudo apt-get install dash zsh | |
elif [ "$RUNNER_OS" == "macOS" ]; then | |
brew update | |
brew install dash zsh | |
fi | |
- name: Install Nix | |
uses: DeterminateSystems/nix-installer-action@v4 | |
with: | |
logger: pretty | |
extra-conf: experimental-features = ca-derivations fetch-closure | |
nix-package-url: https://releases.nixos.org/nix/nix-${{ matrix.nix-version }}/nix-${{ matrix.nix-version }}-${{ runner.arch == 'X64' && 'x86_64' || 'aarch64' }}-${{ runner.os == 'macOS' && 'darwin' || 'linux' }}.tar.xz | |
- name: Run tests | |
env: | |
# For devbox.json tests, we default to non-debug mode since the debug output is less useful than for unit testscripts. | |
# But we allow overriding via inputs.example-debug | |
DEVBOX_DEBUG: ${{ (matrix.run-project-tests == 'project-tests-off' || inputs.example-debug) && '1' || '0' }} | |
DEVBOX_RUN_PROJECT_TESTS: ${{ matrix.run-project-tests == 'project-tests' && '1' || '0' }} | |
# Used in `go test -timeout` flag. Needs a value that time.ParseDuration can parse. | |
DEVBOX_GOLANG_TEST_TIMEOUT: "${{ (github.ref == 'refs/heads/main' || inputs.run-mac-tests) && '35m' || '30m' }}" | |
run: | | |
echo "::group::Nix version" | |
nix --version | |
echo "::endgroup::" | |
echo "::group::Contents of /etc/nix/nix.conf" | |
cat /etc/nix/nix.conf || true | |
echo "::endgroup::" | |
echo "::group::Resolved Nix config" | |
nix show-config --extra-experimental-features nix-command | |
echo "::endgroup::" | |
go test -v -timeout $DEVBOX_GOLANG_TEST_TIMEOUT ./... | |
auto-nix-install: # ensure Devbox installs nix and works properly after installation. | |
needs: build-devbox | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Download devbox | |
uses: actions/download-artifact@v3 | |
with: | |
name: devbox-${{ runner.os }}-${{ runner.arch }} | |
- name: Add devbox to path | |
run: | | |
chmod +x ./devbox | |
sudo mv ./devbox /usr/local/bin/ | |
- name: Install nix and devbox packages | |
run: | | |
export NIX_INSTALLER_NO_CHANNEL_ADD=1 | |
# Setup github authentication to ensure Github's rate limits are not hit. | |
# If this works, we can consider refactoring this into a reusable github action helper. | |
mkdir -p ~/.config/nix | |
echo "access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}" > ~/.config/nix/nix.conf | |
devbox run echo "Installing packages..." | |
- name: Test removing package | |
run: devbox rm go | |
# Run a sanity test to make sure Devbox can install and remove packages with | |
# the last 3 Nix releases. | |
test-nix-versions: | |
needs: build-devbox | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
nix-version: [2.15.1, 2.16.1, 2.17.0, 2.18.0, 2.19.2] | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Download devbox | |
uses: actions/download-artifact@v3 | |
with: | |
name: devbox-${{ runner.os }}-${{ runner.arch }} | |
- name: Add devbox to path | |
run: | | |
chmod +x ./devbox | |
sudo mv ./devbox /usr/local/bin/ | |
- name: Install Nix | |
uses: DeterminateSystems/nix-installer-action@v4 | |
with: | |
logger: pretty | |
extra-conf: experimental-features = ca-derivations fetch-closure | |
nix-package-url: https://releases.nixos.org/nix/nix-${{ matrix.nix-version }}/nix-${{ matrix.nix-version }}-${{ runner.arch == 'X64' && 'x86_64' || 'aarch64' }}-${{ runner.os == 'macOS' && 'darwin' || 'linux' }}.tar.xz | |
- name: Run devbox install, devbox run, devbox rm | |
run: | | |
echo "::group::Nix version" | |
nix --version | |
echo "::endgroup::" | |
echo "::group::Contents of /etc/nix/nix.conf" | |
cat /etc/nix/nix.conf || true | |
echo "::endgroup::" | |
echo "::group::Resolved Nix config" | |
nix show-config --extra-experimental-features nix-command | |
echo "::endgroup::" | |
devbox install | |
devbox run -- echo "Hello from devbox!" | |
devbox rm go |