From 3a621723d1846e8d65ec7ffaed966f8a10e9f560 Mon Sep 17 00:00:00 2001
From: cy <cy@cy7.sh>
Date: Mon, 20 Jan 2025 02:59:35 -0500
Subject: [PATCH] revamp workflow (https://git.cy7.sh/cy/infra/pulls/4)

Reviewed-on: https://git.cy7.sh/cy/infra/pulls/4
Co-authored-by: cy <cy@cy7.sh>
Co-committed-by: cy <cy@cy7.sh>
---
 .github/workflows/build-and-cache.yml | 108 ++++++++++++++++----------
 1 file changed, 69 insertions(+), 39 deletions(-)

diff --git a/.github/workflows/build-and-cache.yml b/.github/workflows/build-and-cache.yml
index 0e2e1df..217fd43 100644
--- a/.github/workflows/build-and-cache.yml
+++ b/.github/workflows/build-and-cache.yml
@@ -3,28 +3,6 @@ on:
   workflow_dispatch:
   push:
 jobs:
-  build-packages:
-    strategy:
-      matrix:
-        package:
-          - github:cything/nixpkgs#hello
-        os:
-          - ubuntu-latest
-          - macos-latest
-    runs-on: ${{ matrix.os }}
-    continue-on-error: true
-    steps:
-      - uses: DeterminateSystems/nix-installer-action@main
-        with:
-          logger: pretty
-      - uses: DeterminateSystems/magic-nix-cache-action@main
-      - name: Setup Attic cache
-        uses: ryanccn/attic-action@v0
-        with:
-          endpoint: ${{ vars.ATTIC_ENDPOINT }}
-          cache: ${{ vars.ATTIC_CACHE }}
-          token: ${{ secrets.ATTIC_TOKEN }}
-      - run: nix build -L '${{ matrix.package }}'
   build-machines:
     strategy:
       matrix:
@@ -34,7 +12,7 @@ jobs:
           - titan
         os:
           - ubuntu-latest
-          # - macos-latest
+ 
     runs-on: ${{ matrix.os }}
     continue-on-error: true
     steps:
@@ -49,22 +27,48 @@ jobs:
           remove-codeql: 'true'
           remove-docker-images: 'true'
           build-mount-path: /nix
-          build-mount-path-ownership: 'root:root'
-      - uses: DeterminateSystems/nix-installer-action@main
+
+      - uses: nixbuild/nix-quick-install-action@master
+
+      - name: Sync repository
+        uses: actions/checkout@v4
         with:
-          logger: pretty
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+          persist-credentials: false
+
+      - uses: cachix/cachix-action@v14
+        with:
+          name: cything
+          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+          useDaemon: false
+          installCommand: nix profile install nixpkgs#cachix
+
       - name: Setup Attic cache
         uses: ryanccn/attic-action@v0
         with:
           endpoint: ${{ vars.ATTIC_ENDPOINT }}
           cache: ${{ vars.ATTIC_CACHE }}
           token: ${{ secrets.ATTIC_TOKEN }}
-      - name: Sync repository
-        uses: actions/checkout@v4
+
+      - name: Restore and cache Nix store
+        uses: nix-community/cache-nix-action@v5.1.0
         with:
-          persist-credentials: false
-      - run: nix build -L --accept-flake-config .#nixosConfigurations.${{ matrix.machine }}.config.system.build.toplevel
+          # restore and save a cache using this key
+          primary-key: nix-${{ runner.os }}-${{ matrix.machine }}-${{ hashFiles('flake.lock') }}
+          # if there's no cache hit, restore a cache by this prefix
+          restore-prefixes-first-match: nix-${{ runner.os }}-
+          # do purge caches
+          purge: true
+          # purge all versions of the cache
+          purge-prefixes: nix-${{ runner.os }}-
+          # created more than this number of seconds ago relative to the start of the `Post Restore` phase
+          purge-last-accessed: 86400
+          # except the version with the `primary-key`, if it exists
+          purge-primary-key: never
+          # always save the cache
+          save-always: true
+
+      - run: nix build -L .#nixosConfigurations.${{ matrix.machine }}.config.system.build.toplevel
+
   build-homes:
     strategy:
       matrix:
@@ -74,6 +78,7 @@ jobs:
         os:
           - ubuntu-latest
           # - macos-latest
+
     runs-on: ${{ matrix.os }}
     continue-on-error: true
     steps:
@@ -88,19 +93,44 @@ jobs:
           remove-codeql: 'true'
           remove-docker-images: 'true'
           build-mount-path: /nix
-          build-mount-path-ownership: 'root:root'
-      - uses: DeterminateSystems/nix-installer-action@main
+
+      - uses: nixbuild/nix-quick-install-action@master
+
+      - name: Sync repository
+        uses: actions/checkout@v4
         with:
-          logger: pretty
-      - uses: DeterminateSystems/magic-nix-cache-action@main
+          persist-credentials: false
+
+      - uses: cachix/cachix-action@v14
+        with:
+          name: cything
+          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+          useDaemon: false
+          installCommand: nix profile install nixpkgs#cachix
+
       - name: Setup Attic cache
         uses: ryanccn/attic-action@v0
         with:
           endpoint: ${{ vars.ATTIC_ENDPOINT }}
           cache: ${{ vars.ATTIC_CACHE }}
           token: ${{ secrets.ATTIC_TOKEN }}
-      - name: Sync repository
-        uses: actions/checkout@v4
+
+      - name: Restore and cache Nix store
+        uses: nix-community/cache-nix-action@v5.1.0
         with:
-          persist-credentials: false
-      - run: nix build -L --accept-flake-config .#homeConfigurations."${{ matrix.home }}".activationPackage
+          # restore and save a cache using this key
+          primary-key: nix-${{ runner.os }}-${{ matrix.home }}-${{ hashFiles('flake.lock') }}
+          # if there's no cache hit, restore a cache by this prefix
+          restore-prefixes-first-match: nix-${{ runner.os }}-
+          # do purge caches
+          purge: true
+          # purge all versions of the cache
+          purge-prefixes: nix-${{ runner.os }}-
+          # created more than this number of seconds ago relative to the start of the `Post Restore` phase
+          purge-last-accessed: 86400
+          # except the version with the `primary-key`, if it exists
+          purge-primary-key: never
+          # always save the cache
+          save-always: true
+
+      - run: nix build -L .#homeConfigurations."${{ matrix.home }}".activationPackage