.github/workflows/nix.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111

name: Nix

on:
  push:
  workflow_dispatch:


jobs:
  standalone:
    runs-on: ubuntu-latest
    permissions:
      contents: read

    strategy:
      matrix:
        library: [ "botan", "cryptopp", "openssl", "boringssl", "gcrypt", "mbedtls", "ippcp", "nettle", "libressl" ]
      fail-fast: false
    name: Build standalone ${{ matrix.library }}
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive
          fetch-tags: true
          fetch-depth: -1

      - name: Setup libraries
        run: |  
          sudo apt update
          sudo apt install

      - uses: DeterminateSystems/nix-installer-action@v13
        with:
          diagnostic-endpoint: ""

      - uses: DeterminateSystems/magic-nix-cache-action@v7
        with:
          diagnostic-endpoint: ""

      - name: Build library
        run: |
          nix build ".#lib.${{ matrix.library }}.default"

      - name: Build shim
        run: |
          nix build ".#shim.${{ matrix.library }}.default"

      - name: Build standalone
        run: |
          nix build ".?submodules=1#${{ matrix.library }}.default"

      - name: List library
        run: nix run ".?submodules=1#${{ matrix.library }}.default" -- list-libs

  reader:
    runs-on: ubuntu-latest
    permissions:
      contents: read

    name: Build reader
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive
          fetch-tags: true
          fetch-depth: -1

      - uses: DeterminateSystems/nix-installer-action@v13
        with:
          diagnostic-endpoint: ""

      - uses: DeterminateSystems/magic-nix-cache-action@v7
        with:
          diagnostic-endpoint: ""

      - name: Build reader
        run: |
          nix build ".?submodules=1#reader"

      - name: Show reader --help
        run: |
          nix run ".?submodules=1#reader" -- --help

  applet:
    runs-on: ubuntu-latest
    permissions:
      contents: read

    strategy:
      matrix:
        sdk: [ "222", "305", "320", "All" ]
      fail-fast: false

    name: Build applet ${{ matrix.sdk }}
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive
          fetch-tags: true
          fetch-depth: -1

      - uses: DeterminateSystems/nix-installer-action@v13
        with:
          diagnostic-endpoint: ""

      - uses: DeterminateSystems/magic-nix-cache-action@v7
        with:
          diagnostic-endpoint: ""

      - name: Build applet
        run: |
          nix build ".?submodules=1#applet${{ matrix.sdk }}"