From e30a995f81adea98b80fd2035557aff457b72c8b Mon Sep 17 00:00:00 2001 From: Timon Date: Wed, 18 Mar 2026 16:30:18 +0000 Subject: [PATCH 1/4] Desktop: Introduce development Nix binary cache --- .github/workflows/build.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 58467c78ec..67c3b3cd00 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -577,12 +577,12 @@ jobs: run: nix build .#graphite${{ inputs.debug && '-dev' || '' }} --no-link --print-out-paths - name: 📤 Push to Nix cache - if: (github.event_name == 'push' || inputs.push_to_nix_cache) && !inputs.debug env: - NIX_CACHE_AUTH_TOKEN: ${{ secrets.NIX_CACHE_AUTH_TOKEN }} + NIX_CACHE_AUTH_TOKEN: ${{ (!inputs.debug && github.ref == 'refs/heads/master') && secrets.NIX_CACHE_AUTH_TOKEN || secrets.NIX_CACHE_AUTH_TOKEN_DEV }} + NIX_CACHE_NAME: ${{ (!inputs.debug && github.ref == 'refs/heads/master') && 'graphite' || 'graphite-dev' }} run: | nix run nixpkgs#cachix -- authtoken $NIX_CACHE_AUTH_TOKEN - nix build --no-link --print-out-paths | nix run nixpkgs#cachix -- push graphite + nix build .#graphite${{ inputs.debug && '-dev' || '' }} --no-link --print-out-paths | nix run nixpkgs#cachix -- push $NIX_CACHE_NAME - name: 🏗 Build Linux bundle run: nix build .#graphite${{ inputs.debug && '-dev' || '' }}-bundle.tar.xz && cp ./result ./graphite-linux-bundle.tar.xz From a0791cb79ebe36cc84e8c04d2605fdb74a8b6a37 Mon Sep 17 00:00:00 2001 From: Timon Date: Wed, 18 Mar 2026 16:57:35 +0000 Subject: [PATCH 2/4] Configure caches in CI --- .github/workflows/build.yml | 4 ++++ .github/workflows/provide-shaders.yml | 7 ++++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 67c3b3cd00..41b9dbefe6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -569,6 +569,10 @@ jobs: - name: ❄ Install Nix uses: DeterminateSystems/nix-installer-action@main + with: + extra-conf: | + extra-substituters = https://graphite.cachix.org https://graphite-dev.cachix.org + extra-trusted-public-keys = graphite.cachix.org-1:B7Il1yMpkquN/dXM+5GRmz+4Xmu2aaCS1GcWNfFhsOo= graphite-dev.cachix.org-1:RppXYpiV1qO2TYKTkXXGHsAEQDOB5G51b3VlrN9QmbI= - name: 🗑 Free disk space run: sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc /opt/hostedtoolcache diff --git a/.github/workflows/provide-shaders.yml b/.github/workflows/provide-shaders.yml index 647878cefe..3bc86d330b 100644 --- a/.github/workflows/provide-shaders.yml +++ b/.github/workflows/provide-shaders.yml @@ -17,9 +17,10 @@ jobs: - name: ❄ Install Nix uses: DeterminateSystems/nix-installer-action@main - - - name: 💾 Set up Nix cache - uses: DeterminateSystems/magic-nix-cache-action@main + with: + extra-conf: | + extra-substituters = https://graphite.cachix.org https://graphite-dev.cachix.org + extra-trusted-public-keys = graphite.cachix.org-1:B7Il1yMpkquN/dXM+5GRmz+4Xmu2aaCS1GcWNfFhsOo= graphite-dev.cachix.org-1:RppXYpiV1qO2TYKTkXXGHsAEQDOB5G51b3VlrN9QmbI= - name: 🏗 Build graphene raster nodes shaders run: nix build .#graphite-raster-nodes-shaders && cp result raster_nodes_shaders_entrypoint.wgsl From e09d0c06cec8d2ee9152bb6bad587c34e2e16e86 Mon Sep 17 00:00:00 2001 From: Timon Date: Wed, 18 Mar 2026 17:29:55 +0000 Subject: [PATCH 3/4] Cache nix shell --- .github/workflows/nix.yml | 51 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 .github/workflows/nix.yml diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml new file mode 100644 index 0000000000..d295a4543e --- /dev/null +++ b/.github/workflows/nix.yml @@ -0,0 +1,51 @@ +name: "Nix Housekeeping" + +on: + push: + branches: + - master + workflow_dispatch: {} + +jobs: + cache-dev-shell: + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: 📥 Clone repository + uses: actions/checkout@v6 + with: + repository: ${{ inputs.checkout_repo || github.repository }} + ref: ${{ inputs.checkout_ref || '' }} + + - name: ❄ Install Nix + uses: DeterminateSystems/nix-installer-action@main + with: + extra-conf: | + extra-substituters = https://graphite.cachix.org https://graphite-dev.cachix.org + extra-trusted-public-keys = graphite.cachix.org-1:B7Il1yMpkquN/dXM+5GRmz+4Xmu2aaCS1GcWNfFhsOo= graphite-dev.cachix.org-1:RppXYpiV1qO2TYKTkXXGHsAEQDOB5G51b3VlrN9QmbI= + + - name: 🔎 Check whether development shell is already in binary cache + id: cache-check + run: | + out_path="$(nix eval --raw .#devShells.x86_64-linux.default.outPath)" + if nix path-info --store https://graphite-dev.cachix.org "$out_path" &>/dev/null; then + echo "cached=true" >> "$GITHUB_OUTPUT" + echo "Development shell is already cached at $out_path" + else + echo "cached=false" >> "$GITHUB_OUTPUT" + echo "Development shell is not cached" + fi + + - name: 📦 Build Nix development shell + if: steps.cache-check.outputs.cached == 'false' + run: nix build .#devShells.x86_64-linux.default --no-link --print-out-paths + + - name: 📤 Push Nix development shell to binary cache + if: steps.cache-check.outputs.cached == 'false' + env: + NIX_CACHE_AUTH_TOKEN: ${{ secrets.NIX_CACHE_AUTH_TOKEN_DEV }} + run: | + nix run nixpkgs#cachix -- authtoken $NIX_CACHE_AUTH_TOKEN + nix build .#devShells.x86_64-linux.default --no-link --print-out-paths | nix run nixpkgs#cachix -- push graphite-dev From 3a21b2655b799637a08d4179c292c461dad9fb38 Mon Sep 17 00:00:00 2001 From: Timon Date: Wed, 18 Mar 2026 20:08:34 +0000 Subject: [PATCH 4/4] Fix --- .github/workflows/build.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 41b9dbefe6..7cf9f9a96f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -18,9 +18,6 @@ on: linux: description: "Linux" type: boolean - push_to_nix_cache: - description: "Linux: push to Nix cache" - type: boolean debug: description: "Debug build" type: boolean @@ -34,8 +31,6 @@ on: type: boolean linux: type: boolean - push_to_nix_cache: - type: boolean debug: type: boolean checkout_repo: