From bb55fbf8ad4db9606702c5e438cd07146fc1cb93 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Domen=20Ko=C5=BEar?= <domen@dev.si>
Date: Mon, 6 Jul 2020 16:27:55 +0200
Subject: [PATCH 1/3] Continuous Integration with GitHub Actions

---
 .../continuous-integration-github-actions.rst | 80 +++++++++++++++++++
 source/tutorials/index.rst                    |  1 +
 2 files changed, 81 insertions(+)
 create mode 100644 source/tutorials/continuous-integration-github-actions.rst

diff --git a/source/tutorials/continuous-integration-github-actions.rst b/source/tutorials/continuous-integration-github-actions.rst
new file mode 100644
index 0000000..5ae9c90
--- /dev/null
+++ b/source/tutorials/continuous-integration-github-actions.rst
@@ -0,0 +1,80 @@
+Continuous Integration with GitHub Actions
+==========================================
+
+Setting up a **CI with Nix can take significant effort**.
+
+This tutorial guides you through **a few short steps** to start using `GitHub Actions <https://github.com/features/actions>`_.
+
+
+Caching builds using Cachix
+---------------------------
+
+One nice benefit of Nix is that **CI can build and cache developer environments 
+for every project** on every branch using binary caches.
+
+Another important aspect of CI is the feedback loop of 
+**how many minutes does the build take to finish**.
+
+Using `Cachix <cachix.org/>`_ you'll never
+have to waste building any derivation twice and you'll share built derivations with all your developers.
+
+After each job, just built derivations are pushed to your binary cache.
+
+Before each job, derivations to be built are first substituted (if they exist) from your binary cache.
+
+
+1. Creating your first binary cache
+***********************************
+
+It's recommended to have different binary caches per team, depending who will have write/read access to it.
+
+Fill out the form on `create binary cache <https://app.cachix.org/cache>`_ page. 
+
+On your freshly created binary cache, generate signing keypair via **Push binaries tab** instructions.
+
+
+2. Setting up secrets
+*********************
+
+On your GitHub repository or organization (for use across all repositories):
+
+1. Click on ``Settings`` 
+2. Click on ``Secrets``.
+3. Add your (previously generated) signing key under name ``CACHIX_SIGNING_KEY``.
+
+
+Setting up GitHub Actions
+-------------------------
+
+Create ``.github/workflows/test.yml`` with:
+
+.. code:: yaml
+
+    name: "Test"
+    on:
+      pull_request:
+      push:
+    jobs:
+      tests:
+        runs-on: ubuntu-latest
+        steps:
+        - uses: actions/checkout@v2.3.1
+        - uses: cachix/install-nix-action@v10
+        - uses: cachix/cachix-action@v6
+          with:
+            name: mycache
+            signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+            # Only needed for private caches
+            #authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
+        - run: nix-build
+
+Once you commit and push to your GitHub repository,
+you should see status checks appearing on commits and PRs.
+
+
+Going forward
+-------------
+
+- See `GitHub Actions workflow syntax <https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions>`_
+
+.. - example repo
\ No newline at end of file
diff --git a/source/tutorials/index.rst b/source/tutorials/index.rst
index dac8da8..367a526 100644
--- a/source/tutorials/index.rst
+++ b/source/tutorials/index.rst
@@ -8,6 +8,7 @@ Tutorials
    ad-hoc-developer-environments.rst
    towards-reproducibility-pinning-nixpkgs.rst
    declarative-and-reproducible-developer-environments.rst
+   continuous-integration-github-actions.rst
    dev-environment.rst
    building-and-running-docker-images.rst
    contributing.rst

From 65508e2023bfacb9c969ee33116c799b91931d9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Domen=20Ko=C5=BEar?= <domen@dev.si>
Date: Tue, 7 Jul 2020 10:26:09 +0200
Subject: [PATCH 2/3] feedback

---
 source/tutorials/continuous-integration-github-actions.rst | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/source/tutorials/continuous-integration-github-actions.rst b/source/tutorials/continuous-integration-github-actions.rst
index 5ae9c90..9133320 100644
--- a/source/tutorials/continuous-integration-github-actions.rst
+++ b/source/tutorials/continuous-integration-github-actions.rst
@@ -1,9 +1,9 @@
 Continuous Integration with GitHub Actions
 ==========================================
 
-Setting up a **CI with Nix can take significant effort**.
-
-This tutorial guides you through **a few short steps** to start using `GitHub Actions <https://github.com/features/actions>`_.
+This tutorial guides you through **a few short steps** to start using 
+`GitHub Actions <https://github.com/features/actions>`_ as your CI
+for commits and pull requests.
 
 
 Caching builds using Cachix

From 4fcc556e3f391ec5511954059f5fa6c6a519eb42 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Domen=20Ko=C5=BEar?= <domen@dev.si>
Date: Tue, 7 Jul 2020 11:27:40 +0200
Subject: [PATCH 3/3] Update
 source/tutorials/continuous-integration-github-actions.rst

Co-authored-by: zimbatm <zimbatm@zimbatm.com>
---
 source/tutorials/continuous-integration-github-actions.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/source/tutorials/continuous-integration-github-actions.rst b/source/tutorials/continuous-integration-github-actions.rst
index 9133320..eed57f3 100644
--- a/source/tutorials/continuous-integration-github-actions.rst
+++ b/source/tutorials/continuous-integration-github-actions.rst
@@ -67,6 +67,7 @@ Create ``.github/workflows/test.yml`` with:
             # Only needed for private caches
             #authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
         - run: nix-build
+        - run: nix-shell --run "echo OK"
 
 Once you commit and push to your GitHub repository,
 you should see status checks appearing on commits and PRs.
@@ -77,4 +78,4 @@ Going forward
 
 - See `GitHub Actions workflow syntax <https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions>`_
 
-.. - example repo
\ No newline at end of file
+.. - example repo