devbox/.github/workflows/cli-tests.yaml at main · jetify-com/devbox · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
name: cli-tests
# Runs the Devbox CLI tests

concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true

on:
  pull_request:
  push:
    branches:
      - main
  merge_group:
    branches:
      - main
  workflow_call:
    inputs:
      run-mac-tests:
        type: boolean
  workflow_dispatch:
    inputs:
      run-mac-tests:
        type: boolean
        description: Run tests on macOS
      example-debug:
        type: boolean
        description: Run example tests with DEVBOX_DEBUG=1 to increase verbosity
  schedule:
    - cron: '30 8 * * *' # Run nightly at 8:30 UTC

permissions:
  contents: read
  pull-requests: read

defaults:
  run:
    # Explicitly setting the shell to bash runs commands with
    # `bash --noprofile --norc -eo pipefail` instead of `bash -e`.
    shell: bash

env:
  DEVBOX_DEBUG: 1
  DEVBOX_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  HOMEBREW_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  HOMEBREW_NO_ANALYTICS: 1
  HOMEBREW_NO_AUTO_UPDATE: 1
  HOMEBREW_NO_EMOJI: 1
  HOMEBREW_NO_ENV_HINTS: 1
  HOMEBREW_NO_INSTALL_CLEANUP: 1
  NIX_CONFIG: |
    access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}

jobs:
  build-devbox:
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: ./go.mod
      - name: Build devbox
        run: go build -o dist/devbox ./cmd/devbox
      - name: Upload devbox artifact
        uses: actions/upload-artifact@v4
        with:
          name: devbox-${{ runner.os }}-${{ runner.arch }}
          path: ./dist/devbox
          retention-days: 7

  typos:
    name: Spell Check with Typos
    if: github.ref != 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: crate-ci/typos@v1.16.26

  flake-test:
    name: Test Flake Build
    if: github.ref != 'refs/heads/main'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Install devbox
        uses: jetify-com/devbox-install-action@jl/migrate-installer
        with:
          enable-cache: true
      - name: Build flake
        run: |
          if ! devbox run build-flake; then
            echo "::warning::If this fails, you probably have to run 'devbox run update-hash'"
            exit 1
          fi
      - run: ./result/bin/devbox version

  golangci-lint:
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
    runs-on: ${{ matrix.os }}
    timeout-minutes: 10
    steps:
      - uses: actions/checkout@v4

      - name: Install devbox
        uses: jetify-com/devbox-install-action@jl/migrate-installer
        with:
          enable-cache: true

      - name: Mount golang cache
        uses: actions/cache@v4
        with:
          path: |
            ~/.cache/golangci-lint
            ~/.cache/go-build
            ~/go/pkg
          key: go-${{ runner.os }}-${{ hashFiles('go.sum') }}

      - run:  devbox run lint

  test:
    needs: build-devbox
    strategy:
      matrix:
        is-main:
          - ${{ github.ref == 'refs/heads/main' && 'is-main' || 'not-main' }}
        os: [ubuntu-latest, macos-latest]
        # This is an optimization that runs tests twice, with and without
        # the devbox.json tests. We can require the other tests to complete before
        # merging, while keeping the others as an additional non-required signal
        run-project-tests: ["project-tests-only", "project-tests-off"]
        # Run tests on:
        # 1. the oldest supported nix version (Nixpkgs requires >= 2.18 as of 2026)
        # 2. nix 2.19.2: version before nix profile changes
        # 3. latest nix version (note, 2.20.1 introduced a new profile change)
        nix-version: ["2.18.0", "2.19.2", "2.30.2"]
        exclude:
          # Only runs tests on macos if explicitly requested, or on a schedule
          - os: "${{ (inputs.run-mac-tests || github.event.schedule != '') && 'dummy' || 'macos-latest' }}"


    runs-on: ${{ matrix.os }}
    timeout-minutes: 60
    env:
      # For devbox.json tests, we default to non-debug mode since the debug output is less useful than for unit testscripts.
      # But we allow overriding via inputs.example-debug
      DEVBOX_DEBUG: ${{ (matrix.run-project-tests == 'project-tests-off' || inputs.example-debug) && '1' || '0' }}
      DEVBOX_GOLANG_TEST_TIMEOUT: "${{ (github.ref == 'refs/heads/main' || inputs.run-mac-tests) && '1h' || '30m' }}"
    steps:
      - name: clear directories to reduce disk usage
        # https://github.com/actions/runner-images/issues/2840#issuecomment-1284059930
        run: |
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf "$AGENT_TOOLSDIRECTORY"

      - uses: actions/checkout@v4
      - name: Mount golang cache
        uses: actions/cache@v4
        with:
          path: |
            ~/.cache/go-build
            ~/go/pkg
          key: go-devbox-tests-${{ runner.os }}-${{ hashFiles('go.sum') }}
      - name: Install additional shells (dash, zsh)
        run: |
          if [ "$RUNNER_OS" == "Linux" ]; then
            sudo apt-get update
            sudo apt-get install dash zsh
          elif [ "$RUNNER_OS" == "macOS" ]; then
            brew update
            brew install dash zsh
          fi
      - name: Install devbox
        uses: jetify-com/devbox-install-action@jl/migrate-installer
        with:
          enable-cache: true
      - name: Setup Nix GitHub authentication
        run: |
          # Setup github authentication to ensure Github's rate limits are not hit
          # For macOS, we need to configure the system-wide nix.conf because the Nix daemon
          # runs as a different user and doesn't read the user's ~/.config/nix/nix.conf
          if [ "$RUNNER_OS" == "macOS" ]; then
            echo "Configuring system-wide Nix config for macOS daemon"
            # Ensure /etc/nix directory exists
            if [ ! -d /etc/nix ]; then
              sudo mkdir -p /etc/nix
            fi
            # Check if file exists, create it if not
            if [ ! -f /etc/nix/nix.conf ]; then
              echo "# Nix configuration" | sudo tee /etc/nix/nix.conf > /dev/null
            fi
            echo "access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}" | sudo tee -a /etc/nix/nix.conf
            # Restart nix daemon to pick up the new configuration
            sudo launchctl stop org.nixos.nix-daemon || true
            sudo launchctl start org.nixos.nix-daemon || true
            sleep 2  # Give daemon time to restart
          fi
          # For Linux and as a backup for macOS, also configure user config
          mkdir -p ~/.config/nix
          echo "access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}" > ~/.config/nix/nix.conf
      - name: Run fast tests
        if: matrix.run-project-tests == 'project-tests-off'
        run: |
          echo "::group::Nix version"
          nix --version
          echo "::endgroup::"
          echo "::group::Contents of /etc/nix/nix.conf"
          cat /etc/nix/nix.conf || true
          echo "::endgroup::"
          echo "::group::Resolved Nix config"
          nix show-config --extra-experimental-features nix-command
          echo "::endgroup::"
          devbox run go test -v -timeout $DEVBOX_GOLANG_TEST_TIMEOUT ./...
      - name: Run project (slow) tests
        if:  matrix.run-project-tests == 'project-tests-only'
        run: devbox run test-projects-only

  auto-nix-install: # ensure Devbox installs nix and works properly after installation.
    needs: build-devbox
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
        use-detsys: [true, false]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - name: Download devbox
        uses: actions/download-artifact@v4
        with:
          name: devbox-${{ runner.os }}-${{ runner.arch }}
      - name: Add devbox to path
        run: |
          chmod +x ./devbox
          sudo mv ./devbox /usr/local/bin/
      - name: Install nix and devbox packages
        run: |
          export NIX_INSTALLER_NO_CHANNEL_ADD=1
          export DEVBOX_FEATURE_DETSYS_INSTALLER=${{ matrix.use-detsys }}

          # Setup github authentication BEFORE running devbox to ensure Github's rate limits are not hit.
          # Configure user config first (Nix installer will respect this)
          mkdir -p ~/.config/nix
          echo "access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}" > ~/.config/nix/nix.conf

          # Run devbox which will auto-install Nix if needed
          devbox run echo "Installing packages..."

          # After Nix is installed, configure system-wide config for the daemon on macOS
          if [ "$RUNNER_OS" == "macOS" ]; then
            echo "Configuring system-wide Nix config for macOS daemon"
            # Check if file exists, create directory if needed
            if [ ! -f /etc/nix/nix.conf ]; then
              sudo mkdir -p /etc/nix
              echo "# Nix configuration" | sudo tee /etc/nix/nix.conf > /dev/null
            fi
            echo "access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}" | sudo tee -a /etc/nix/nix.conf
            # Restart nix daemon to pick up the new configuration
            sudo launchctl stop org.nixos.nix-daemon || true
            sudo launchctl start org.nixos.nix-daemon || true
            sleep 2  # Give daemon time to restart
          fi
      - name: Test removing package
        run: devbox rm go

  # Run a sanity test to make sure Devbox can install and remove packages with
  # the last few Nix releases.
  test-nix-versions:
    needs: build-devbox
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
        nix-version: [2.18.0, 2.19.2, 2.24.7, 2.30.2]
    runs-on: ${{ matrix.os }}
    steps:
      - uses: actions/checkout@v4
      - name: Download devbox
        uses: actions/download-artifact@v4
        with:
          name: devbox-${{ runner.os }}-${{ runner.arch }}
      - name: Add devbox to path
        run: |
          chmod +x ./devbox
          sudo mv ./devbox /usr/local/bin/
      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@v4
        with:
          logger: pretty
          extra-conf: experimental-features = ca-derivations fetch-closure
          nix-package-url: https://releases.nixos.org/nix/nix-${{ matrix.nix-version }}/nix-${{ matrix.nix-version }}-${{ runner.arch == 'X64' && 'x86_64' || 'aarch64' }}-${{ runner.os == 'macOS' && 'darwin' || 'linux' }}.tar.xz
      - name: Run devbox install, devbox run, devbox rm
        run: |
          echo "::group::Nix version"
          nix --version
          echo "::endgroup::"
          echo "::group::Contents of /etc/nix/nix.conf"
          cat /etc/nix/nix.conf || true
          echo "::endgroup::"
          echo "::group::Resolved Nix config"
          nix show-config --extra-experimental-features nix-command
          echo "::endgroup::"
          devbox install
          devbox run -- echo "Hello from devbox!"
          devbox rm go