chore(deps): update trufflesecurity/trufflehog action to v3.79.0 #154
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: nix | |
| on: | |
| pull_request: | |
| branches: [ "main" ] | |
| push: | |
| branches: [ "main" ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| fmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - run: nix fmt . -- --check | |
| check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - run: nix flake check -L --show-trace --keep-going | |
| build: | |
| needs: check | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
| - uses: cachix/install-nix-action@v27 | |
| with: | |
| extra_nix_config: | | |
| access-tokens = github.com=${{ github.token }} | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: nixsgx | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - name: Enable magic Nix cache | |
| uses: DeterminateSystems/magic-nix-cache-action@main | |
| - name: nix build | |
| run: nix run github:nixos/nixpkgs/nixos-23.11#nixci | |
| - name: integration check | |
| run: | | |
| nix build --accept-flake-config -L .#nixsgx-test-sgx-azure | |
| docker load -i result | |
| docker run -i --env GRAMINE_DIRECT=1 --privileged --init --rm nixsgx-test-sgx-azure:latest | grep -q -F 'Hello, world!' |