From 90180e31ef075509dc2ec074854801dbc130a33a Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 13:53:46 -0300 Subject: [PATCH 01/11] Add logic for determining environment --- flake.nix | 2 +- magic-nix-cache/src/env.rs | 36 ++++++++++++++++++++++++++++++++++++ magic-nix-cache/src/error.rs | 3 +++ magic-nix-cache/src/main.rs | 5 +++++ 4 files changed, 45 insertions(+), 1 deletion(-) create mode 100644 magic-nix-cache/src/env.rs diff --git a/flake.nix b/flake.nix index d15722f..697c2a7 100644 --- a/flake.nix +++ b/flake.nix @@ -55,7 +55,7 @@ cargo-bloat cargo-edit cargo-udeps - cargo-watch + bacon age ]; diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs new file mode 100644 index 0000000..2af3313 --- /dev/null +++ b/magic-nix-cache/src/env.rs @@ -0,0 +1,36 @@ +use crate::error::Error; +use std::env; + +pub enum Environment { + GitHubActions, + GitLabCI, + Other, +} + +impl ToString for Environment { + fn to_string(&self) -> String { + use Environment::*; + + String::from(match self { + GitHubActions => "GitHub Actions", + GitLabCI => "GitLab CI", + _ => "unspecified", + }) + } +} + +pub fn determine_environment() -> Environment { + if env_var_is_true("GITHUB_ACTIONS") { + Environment::GitHubActions + } + + if env_var_is_true("CI") && env_var_is_true("GITLAB_CI") { + Environment::GitLabCI + } + + Environment::Other +} + +fn env_var_is_true(e: &str) -> bool { + env::var(e).unwrap_or(String::from("")) == String::from("true") +} diff --git a/magic-nix-cache/src/error.rs b/magic-nix-cache/src/error.rs index ec1b8d3..ae479e1 100644 --- a/magic-nix-cache/src/error.rs +++ b/magic-nix-cache/src/error.rs @@ -19,6 +19,9 @@ pub enum Error { #[error("Bad Request")] BadRequest, + #[error("Current environment couldn't be determinate")] + UnknownEnv, + #[error("I/O error: {0}")] Io(#[from] std::io::Error), diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index 4dabf22..037cb68 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -14,6 +14,7 @@ mod api; mod binary_cache; +mod env; mod error; mod flakehub; mod gha; @@ -38,6 +39,8 @@ use tracing_subscriber::filter::EnvFilter; use gha_cache::Credentials; +use crate::env::determine_environment; + type State = Arc; /// GitHub Actions-powered Nix binary cache @@ -141,6 +144,8 @@ async fn main_cli() -> Result<()> { let args = Args::parse(); + let _environment = determine_environment(); + let metrics = Arc::new(telemetry::TelemetryReport::new()); if let Some(parent) = Path::new(&args.nix_conf).parent() { From 136a3d43d60059f03b28235cf66f9919c2eac89d Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 14:29:20 -0300 Subject: [PATCH 02/11] Periodically fetch JWT only in GHA --- magic-nix-cache/src/env.rs | 12 ++++++++++- magic-nix-cache/src/flakehub.rs | 38 +++++++++++++++++++-------------- magic-nix-cache/src/main.rs | 19 +++++++++++++++-- 3 files changed, 50 insertions(+), 19 deletions(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index 2af3313..464221c 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -7,6 +7,16 @@ pub enum Environment { Other, } +impl Environment { + pub fn is_github_actions(&self) -> bool { + matches!(self, Self::GitHubActions) + } + + pub fn is_gitlab_ci(&self) -> bool { + matches!(self, Self::GitLabCI) + } +} + impl ToString for Environment { fn to_string(&self) -> String { use Environment::*; @@ -14,7 +24,7 @@ impl ToString for Environment { String::from(match self { GitHubActions => "GitHub Actions", GitLabCI => "GitLab CI", - _ => "unspecified", + _ => "an unspecified environment", }) } } diff --git a/magic-nix-cache/src/flakehub.rs b/magic-nix-cache/src/flakehub.rs index 1dbd79a..b3d3a6f 100644 --- a/magic-nix-cache/src/flakehub.rs +++ b/magic-nix-cache/src/flakehub.rs @@ -1,3 +1,4 @@ +use crate::env::Environment; use crate::error::{Error, Result}; use attic::cache::CacheName; use attic::nix_store::{NixStore, StorePath}; @@ -27,6 +28,7 @@ pub struct State { } pub async fn init_cache( + environment: Environment, flakehub_api_server: &Url, flakehub_api_server_netrc: &Path, flakehub_cache_server: &Url, @@ -102,22 +104,26 @@ pub async fn init_cache( let api_inner = ApiClient::from_server_config(server_config)?; let api = Arc::new(RwLock::new(api_inner)); - // NOTE(cole-h): This is a workaround -- at the time of writing, GitHub Actions JWTs are only - // valid for 5 minutes after being issued. FlakeHub uses these JWTs for authentication, which - // means that after those 5 minutes have passed and the token is expired, FlakeHub (and by - // extension FlakeHub Cache) will no longer allow requests using this token. However, GitHub - // gives us a way to repeatedly request new tokens, so we utilize that and refresh the token - // every 2 minutes (less than half of the lifetime of the token). - let netrc_path_clone = flakehub_api_server_netrc.to_path_buf(); - let initial_github_jwt_clone = flakehub_password.clone(); - let flakehub_cache_server_clone = flakehub_cache_server.to_string(); - let api_clone = api.clone(); - tokio::task::spawn(refresh_github_actions_jwt_worker( - netrc_path_clone, - initial_github_jwt_clone, - flakehub_cache_server_clone, - api_clone, - )); + // Periodically refresh JWT in GitHub Actions environment + if environment.is_github_actions() { + // NOTE(cole-h): This is a workaround -- at the time of writing, GitHub Actions JWTs are only + // valid for 5 minutes after being issued. FlakeHub uses these JWTs for authentication, which + // means that after those 5 minutes have passed and the token is expired, FlakeHub (and by + // extension FlakeHub Cache) will no longer allow requests using this token. However, GitHub + // gives us a way to repeatedly request new tokens, so we utilize that and refresh the token + // every 2 minutes (less than half of the lifetime of the token). + let netrc_path_clone = flakehub_api_server_netrc.to_path_buf(); + let initial_github_jwt_clone = flakehub_password.clone(); + let flakehub_cache_server_clone = flakehub_cache_server.to_string(); + let api_clone = api.clone(); + + tokio::task::spawn(refresh_github_actions_jwt_worker( + netrc_path_clone, + initial_github_jwt_clone, + flakehub_cache_server_clone, + api_clone, + )); + } // Get the cache UUID for this project. let cache_name = { diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index 037cb68..cd90c12 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -32,9 +32,11 @@ use ::attic::nix_store::NixStore; use anyhow::{anyhow, Context, Result}; use axum::{extract::Extension, routing::get, Router}; use clap::Parser; +use env::Environment; use tempfile::NamedTempFile; use tokio::process::Command; use tokio::sync::{oneshot, Mutex, RwLock}; +use tracing_subscriber::field::debug; use tracing_subscriber::filter::EnvFilter; use gha_cache::Credentials; @@ -115,6 +117,18 @@ struct Args { startup_notification_url: Option, } +impl Args { + fn validate(&self, environment: Environment) -> Result<(), error::Error> { + if environment.is_gitlab_ci() && self.use_gha_cache { + return Err(Error::Config(String::from( + "the --use-gha-cache flag should not be applied in GitLab CI", + ))); + } + + Ok(()) + } +} + /// The global server state. struct StateInner { /// State for uploading to the GHA cache. @@ -143,8 +157,9 @@ async fn main_cli() -> Result<()> { init_logging(); let args = Args::parse(); - - let _environment = determine_environment(); + let environment = determine_environment(); + tracing::debug!("Running in {environment}"); + args.validate(environment)?; let metrics = Arc::new(telemetry::TelemetryReport::new()); From 41327e96b587413b08b3acf90e9191ff094599c5 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 14:46:17 -0300 Subject: [PATCH 03/11] Address Clippy issues --- magic-nix-cache/src/env.rs | 31 +++++++++++++++++++------------ magic-nix-cache/src/error.rs | 3 --- magic-nix-cache/src/main.rs | 13 ++++++++++--- 3 files changed, 29 insertions(+), 18 deletions(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index 464221c..edc6453 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -1,6 +1,9 @@ -use crate::error::Error; -use std::env; +use std::{ + env, + fmt::{self, Display}, +}; +#[derive(Clone)] pub enum Environment { GitHubActions, GitLabCI, @@ -17,30 +20,34 @@ impl Environment { } } -impl ToString for Environment { - fn to_string(&self) -> String { +impl Display for Environment { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { use Environment::*; - String::from(match self { - GitHubActions => "GitHub Actions", - GitLabCI => "GitLab CI", - _ => "an unspecified environment", - }) + write!( + f, + "{}", + match self { + GitHubActions => "GitHub Actions", + GitLabCI => "GitLab CI", + Other => "an unspecified environment", + } + ) } } pub fn determine_environment() -> Environment { if env_var_is_true("GITHUB_ACTIONS") { - Environment::GitHubActions + return Environment::GitHubActions; } if env_var_is_true("CI") && env_var_is_true("GITLAB_CI") { - Environment::GitLabCI + return Environment::GitLabCI; } Environment::Other } fn env_var_is_true(e: &str) -> bool { - env::var(e).unwrap_or(String::from("")) == String::from("true") + &env::var(e).unwrap_or(String::from("")) == "true" } diff --git a/magic-nix-cache/src/error.rs b/magic-nix-cache/src/error.rs index ae479e1..ec1b8d3 100644 --- a/magic-nix-cache/src/error.rs +++ b/magic-nix-cache/src/error.rs @@ -19,9 +19,6 @@ pub enum Error { #[error("Bad Request")] BadRequest, - #[error("Current environment couldn't be determinate")] - UnknownEnv, - #[error("I/O error: {0}")] Io(#[from] std::io::Error), diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index cd90c12..b0024d6 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -33,10 +33,10 @@ use anyhow::{anyhow, Context, Result}; use axum::{extract::Extension, routing::get, Router}; use clap::Parser; use env::Environment; +use error::Error; use tempfile::NamedTempFile; use tokio::process::Command; use tokio::sync::{oneshot, Mutex, RwLock}; -use tracing_subscriber::field::debug; use tracing_subscriber::filter::EnvFilter; use gha_cache::Credentials; @@ -125,6 +125,12 @@ impl Args { ))); } + if environment.is_gitlab_ci() && !self.use_flakehub { + return Err(Error::Config(String::from( + "you must set --use-flakehub in GitLab CI", + ))); + } + Ok(()) } } @@ -158,8 +164,8 @@ async fn main_cli() -> Result<()> { let args = Args::parse(); let environment = determine_environment(); - tracing::debug!("Running in {environment}"); - args.validate(environment)?; + tracing::debug!("Running in {}", environment.to_string()); + args.validate(environment.clone())?; let metrics = Arc::new(telemetry::TelemetryReport::new()); @@ -187,6 +193,7 @@ async fn main_cli() -> Result<()> { let flakehub_flake_name = args.flakehub_flake_name; match flakehub::init_cache( + environment, &args .flakehub_api_server .ok_or_else(|| anyhow!("--flakehub-api-server is required"))?, From 8ad3089e93db17321bace9af1eff8cbf92a065b1 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 14:50:28 -0300 Subject: [PATCH 04/11] Remove unnecessary determine func --- magic-nix-cache/src/env.rs | 24 ++++++++++++------------ magic-nix-cache/src/main.rs | 12 ++++-------- 2 files changed, 16 insertions(+), 20 deletions(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index edc6453..fe27ccd 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -11,6 +11,18 @@ pub enum Environment { } impl Environment { + pub fn determine() -> Self { + if env_var_is_true("GITHUB_ACTIONS") { + return Environment::GitHubActions; + } + + if env_var_is_true("CI") && env_var_is_true("GITLAB_CI") { + return Environment::GitLabCI; + } + + Environment::Other + } + pub fn is_github_actions(&self) -> bool { matches!(self, Self::GitHubActions) } @@ -36,18 +48,6 @@ impl Display for Environment { } } -pub fn determine_environment() -> Environment { - if env_var_is_true("GITHUB_ACTIONS") { - return Environment::GitHubActions; - } - - if env_var_is_true("CI") && env_var_is_true("GITLAB_CI") { - return Environment::GitLabCI; - } - - Environment::Other -} - fn env_var_is_true(e: &str) -> bool { &env::var(e).unwrap_or(String::from("")) == "true" } diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index b0024d6..3b93ebc 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -32,8 +32,6 @@ use ::attic::nix_store::NixStore; use anyhow::{anyhow, Context, Result}; use axum::{extract::Extension, routing::get, Router}; use clap::Parser; -use env::Environment; -use error::Error; use tempfile::NamedTempFile; use tokio::process::Command; use tokio::sync::{oneshot, Mutex, RwLock}; @@ -41,8 +39,6 @@ use tracing_subscriber::filter::EnvFilter; use gha_cache::Credentials; -use crate::env::determine_environment; - type State = Arc; /// GitHub Actions-powered Nix binary cache @@ -118,15 +114,15 @@ struct Args { } impl Args { - fn validate(&self, environment: Environment) -> Result<(), error::Error> { + fn validate(&self, environment: env::Environment) -> Result<(), error::Error> { if environment.is_gitlab_ci() && self.use_gha_cache { - return Err(Error::Config(String::from( + return Err(error::Error::Config(String::from( "the --use-gha-cache flag should not be applied in GitLab CI", ))); } if environment.is_gitlab_ci() && !self.use_flakehub { - return Err(Error::Config(String::from( + return Err(error::Error::Config(String::from( "you must set --use-flakehub in GitLab CI", ))); } @@ -163,7 +159,7 @@ async fn main_cli() -> Result<()> { init_logging(); let args = Args::parse(); - let environment = determine_environment(); + let environment = env::Environment::determine(); tracing::debug!("Running in {}", environment.to_string()); args.validate(environment.clone())?; From a6e08a2a14bf630efb96899e8ad78890bf15f16a Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 14:54:44 -0300 Subject: [PATCH 05/11] Remove info statement when not in GHA --- magic-nix-cache/src/main.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index 3b93ebc..f30b161 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -263,7 +263,6 @@ async fn main_cli() -> Result<()> { tracing::info!("Native GitHub Action cache is enabled."); Some(gha_cache) } else { - tracing::info!("Native GitHub Action cache is disabled."); None }; From 06fb14658c86f8afee08b64f22d65a3754493b04 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:02:28 -0300 Subject: [PATCH 06/11] Reformat use statement Co-authored-by: Cole Helbling --- magic-nix-cache/src/env.rs | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index fe27ccd..be8827e 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -1,7 +1,4 @@ -use std::{ - env, - fmt::{self, Display}, -}; +use std::fmt::{self, Display}; #[derive(Clone)] pub enum Environment { From 1ee5b1eec86041120339a001ef29b673ea691274 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:04:04 -0300 Subject: [PATCH 07/11] Provide more ergonomic env var checking Co-authored-by: Cole Helbling --- magic-nix-cache/src/env.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index be8827e..e4852be 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -46,5 +46,5 @@ impl Display for Environment { } fn env_var_is_true(e: &str) -> bool { - &env::var(e).unwrap_or(String::from("")) == "true" + std::env::var(e).is_ok_and(|v| v == "true") } From c1c6574b309644aca44fa3844f3facf57d5c3111 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:04:40 -0300 Subject: [PATCH 08/11] Check only for GITLAB_CI variable --- magic-nix-cache/src/env.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index e4852be..6f3cc63 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -13,7 +13,7 @@ impl Environment { return Environment::GitHubActions; } - if env_var_is_true("CI") && env_var_is_true("GITLAB_CI") { + if env_var_is_true("GITLAB_CI") { return Environment::GitLabCI; } From 1eb60034449094f1eb06bce82bb983ec1f6655b3 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:05:11 -0300 Subject: [PATCH 09/11] Derive Copy for Environment --- magic-nix-cache/src/env.rs | 2 +- magic-nix-cache/src/main.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/magic-nix-cache/src/env.rs b/magic-nix-cache/src/env.rs index 6f3cc63..1b59405 100644 --- a/magic-nix-cache/src/env.rs +++ b/magic-nix-cache/src/env.rs @@ -1,6 +1,6 @@ use std::fmt::{self, Display}; -#[derive(Clone)] +#[derive(Clone, Copy)] pub enum Environment { GitHubActions, GitLabCI, diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index f30b161..6aa266a 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -161,7 +161,7 @@ async fn main_cli() -> Result<()> { let args = Args::parse(); let environment = env::Environment::determine(); tracing::debug!("Running in {}", environment.to_string()); - args.validate(environment.clone())?; + args.validate(environment)?; let metrics = Arc::new(telemetry::TelemetryReport::new()); From ab6bb9c47a522065aef9b041defb092b16d7db48 Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:05:45 -0300 Subject: [PATCH 10/11] Restore info statement in GHA --- magic-nix-cache/src/main.rs | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/magic-nix-cache/src/main.rs b/magic-nix-cache/src/main.rs index 6aa266a..f7f8d1e 100644 --- a/magic-nix-cache/src/main.rs +++ b/magic-nix-cache/src/main.rs @@ -263,6 +263,10 @@ async fn main_cli() -> Result<()> { tracing::info!("Native GitHub Action cache is enabled."); Some(gha_cache) } else { + if environment.is_github_actions() { + tracing::info!("Native GitHub Action cache is disabled."); + } + None }; From 763508d326fb65b3bb401fd862db1e29ef81864f Mon Sep 17 00:00:00 2001 From: Luc Perkins Date: Thu, 16 May 2024 15:52:18 -0300 Subject: [PATCH 11/11] Use matrix for build.yaml --- .github/workflows/build.yaml | 99 +++++++----------------------------- 1 file changed, 18 insertions(+), 81 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 653bc07..0cffe12 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -5,18 +5,30 @@ on: workflow_call: jobs: - build-artifacts-ARM64-macOS: - runs-on: macos-latest-xlarge + build-artifacts: + runs-on: ${{ matrix.systems.runner }} + strategy: + matrix: + systems: + - nix-system: x86_64-linux + system: X64-Linux + runner: ubuntu-22.04 + - nix-system: aarch64-linux + system: ARM64-Linux + runner: namespace-profile-default-arm64 + - nix-system: x86_64-darwin + system: X64-macOS + runner: macos-12 + - nix-system: aarch64-darwin + system: ARM64-macOS + runner: macos-latest-xlarge permissions: contents: read id-token: write steps: - uses: actions/checkout@v3 - - uses: DeterminateSystems/nix-installer-action@main - - uses: DeterminateSystems/magic-nix-cache-action@main - - name: Build package run: "nix build .# -L --fallback && nix-store --export $(nix-store -qR ./result) | xz -9 > magic-nix-cache.closure.xz" @@ -24,81 +36,6 @@ jobs: uses: actions/upload-artifact@v3.1.2 with: # Artifact name - name: magic-nix-cache-ARM64-macOS - path: magic-nix-cache.closure.xz - retention-days: 1 - - build-artifacts-X64-macOS: - runs-on: macos-12 - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/flake-checker-action@main - - - uses: DeterminateSystems/nix-installer-action@main - - - uses: DeterminateSystems/magic-nix-cache-action@main - - - name: Build package - run: "nix build .# -L --fallback && nix-store --export $(nix-store -qR ./result) | xz -9 > magic-nix-cache.closure.xz" - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 - with: - # Artifact name - name: magic-nix-cache-X64-macOS - path: magic-nix-cache.closure.xz - retention-days: 1 - - build-artifacts-X64-Linux: - runs-on: ubuntu-22.04 - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/flake-checker-action@main - - - uses: DeterminateSystems/nix-installer-action@main - - - uses: DeterminateSystems/magic-nix-cache-action@main - - - name: Build package - run: "nix build .# -L --fallback && nix-store --export $(nix-store -qR ./result) | xz -9 > magic-nix-cache.closure.xz" - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 - with: - # Artifact name - name: magic-nix-cache-X64-Linux - path: magic-nix-cache.closure.xz - retention-days: 1 - - build-artifacts-ARM64-Linux: - runs-on: namespace-profile-default-arm64 - permissions: - contents: read - id-token: write - steps: - - uses: actions/checkout@v3 - - - uses: DeterminateSystems/flake-checker-action@main - - - uses: DeterminateSystems/nix-installer-action@main - - - uses: DeterminateSystems/magic-nix-cache-action@main - - - name: Build package - run: "nix build .# -L --fallback && nix-store --export $(nix-store -qR ./result) | xz -9 > magic-nix-cache.closure.xz" - - - name: Upload a Build Artifact - uses: actions/upload-artifact@v3.1.2 - with: - # Artifact name - name: magic-nix-cache-ARM64-Linux + name: magic-nix-cache-${{ matrix.systems.system }} path: magic-nix-cache.closure.xz retention-days: 1