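# KVM Publishable Validation
#
# Runs nix/test-cluster/run-publishable-kvm-suite.sh on the self-hosted
# `nix-host` runner. The job makes sure Nix is usable, fetches the exact commit
# that triggered the run into a fresh temporary directory, records the KVM and
# disk state of the host for later debugging, and then starts the suite.
#
# NOTE(review): the workflow runs on every push and executes repository code
# on a self-hosted runner. Confirm that only trusted branches/contributors can
# push here, and consider declaring an explicit least-privilege `permissions:`
# block if the forge honours it.
# NOTE(review): nothing in the visible steps removes REPO_ROOT or the
# safe.directory entry added during checkout, so both accumulate on a
# persistent runner. Confirm cleanup happens elsewhere.
name: KVM Publishable Validation

on:
  push:
  workflow_dispatch:

jobs:
  publishable-kvm-suite:
    runs-on: nix-host
    timeout-minutes: 360
    steps:
      - name: Ensure Nix Is Available
        run: |
          set -euo pipefail
          export PATH="/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:$HOME/.nix-profile/bin:$PATH"

          # Load whichever Nix profile script exists (multi-user first, then
          # single-user) so `nix` lands on PATH if it is already installed.
          if [[ -f /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh ]]; then
            . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
          elif [[ -f "$HOME/.nix-profile/etc/profile.d/nix.sh" ]]; then
            . "$HOME/.nix-profile/etc/profile.d/nix.sh"
          fi

          if ! command -v nix >/dev/null 2>&1; then
            if ! command -v xz >/dev/null 2>&1; then
              echo "Nix is not on PATH and xz is unavailable for bootstrap" >&2
              exit 1
            fi

            # Download the installer completely before running it. Piping curl
            # straight into sh would execute a truncated download or an HTTP
            # error body; -f plus a temp file ensures only a complete, successful
            # HTTPS response is ever executed.
            # NOTE(review): the installer URL is unpinned. Pinning a specific
            # release and checking its published checksum before execution
            # would make this bootstrap reproducible and tamper-evident.
            installer="$(mktemp)"
            trap 'rm -f -- "$installer"' EXIT
            curl --proto '=https' --tlsv1.2 -fsSL -o "$installer" https://nixos.org/nix/install
            sh "$installer" --no-daemon

            if [[ -f /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh ]]; then
              . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
            elif [[ -f "$HOME/.nix-profile/etc/profile.d/nix.sh" ]]; then
              . "$HOME/.nix-profile/etc/profile.d/nix.sh"
            fi
          fi

          # NOTE(review): this overwrites any existing per-user nix.conf on the
          # runner rather than appending to it.
          mkdir -p "$HOME/.config/nix"
          printf '%s\n' 'experimental-features = nix-command flakes' > "$HOME/.config/nix/nix.conf"
          nix --version

      - name: Checkout Repository
        env:
          REPO_URL: https://git.centraworks.net/centra/photoncloud-monorepo
        run: |
          set -euo pipefail
          export PATH="/run/current-system/sw/bin:/usr/bin:/bin:$PATH"

          # Print the candidate directory (/var/tmp, /tmp, $HOME) with the most
          # free space in KiB, or an empty line if none of them is usable.
          choose_checkout_root() {
            local candidate avail best="" best_avail=-1
            for candidate in /var/tmp /tmp "$HOME"; do
              mkdir -p "$candidate" 2>/dev/null || continue
              avail="$(df -Pk "$candidate" 2>/dev/null | awk 'NR==2 { print $4 }')"
              # Skip anything df did not report as a plain number so the
              # arithmetic comparison below never sees non-numeric text.
              [[ "$avail" =~ ^[0-9]+$ ]] || continue
              if (( avail > best_avail )); then
                best="$candidate"
                best_avail="$avail"
              fi
            done
            printf '%s\n' "$best"
          }

          checkout_root="$(choose_checkout_root)"
          # Without this guard an empty result would make mktemp target the
          # filesystem root ("/ultracloud-kvm-checkout.XXXXXX").
          if [[ -z "$checkout_root" ]]; then
            echo "No usable checkout root among /var/tmp, /tmp and \$HOME" >&2
            exit 1
          fi
          repo_root="$(mktemp -d "${checkout_root}/ultracloud-kvm-checkout.XXXXXX")"

          # NOTE(review): GITHUB_ACTOR and GITHUB_TOKEN are read from the step
          # environment, but only REPO_URL is declared under `env:` here.
          # Confirm the runner exports the token; otherwise `set -u` aborts.
          auth="$(printf '%s' "${GITHUB_ACTOR}:${GITHUB_TOKEN}" | base64 | tr -d '\n')"

          git init "$repo_root"
          cd "$repo_root"
          git remote add origin "$REPO_URL"

          # Pass the Authorization header through GIT_CONFIG_* environment
          # variables (Git 2.31+) instead of `git -c ...`. Command-line
          # arguments are visible to every local user via the process list,
          # while the environment of a process is not.
          GIT_CONFIG_COUNT=1 \
          GIT_CONFIG_KEY_0=http.extraHeader \
          GIT_CONFIG_VALUE_0="AUTHORIZATION: basic ${auth}" \
            git fetch --depth=1 origin "${GITHUB_SHA}"
          git checkout --detach FETCH_HEAD

          # NOTE(review): --global --add appends a new entry to the runner
          # user's ~/.gitconfig on every run, and each path is unique.
          git config --global --add safe.directory "$repo_root"

          # Publish the checkout locations to the following steps.
          {
            printf 'REPO_ROOT=%s\n' "$repo_root"
            printf 'CHECKOUT_ROOT=%s\n' "$checkout_root"
          } >> "$GITHUB_ENV"

      - name: Probe KVM Environment
        run: |
          set -euo pipefail
          export PATH="/run/current-system/sw/bin:/usr/bin:/bin:$PATH"
          if [[ -f /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh ]]; then
            . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
          elif [[ -f "$HOME/.nix-profile/etc/profile.d/nix.sh" ]]; then
            . "$HOME/.nix-profile/etc/profile.d/nix.sh"
          fi

          # Host identity and the account the job runs as. All of this ends up
          # in the job log, so log visibility determines who can read it.
          echo "hostname=$(uname -n)"
          uname -a
          id

          # Fail the step early if the KVM device node is missing.
          test -e /dev/kvm
          ls -l /dev/kvm

          # Nested virtualisation flag for whichever KVM vendor module is loaded.
          if [[ -f /sys/module/kvm_intel/parameters/nested ]]; then
            echo "kvm_intel_nested=$(cat /sys/module/kvm_intel/parameters/nested)"
          fi
          if [[ -f /sys/module/kvm_amd/parameters/nested ]]; then
            echo "kvm_amd_nested=$(cat /sys/module/kvm_amd/parameters/nested)"
          fi

          echo "runner_temp=${RUNNER_TEMP}"
          echo "repo_root=${REPO_ROOT}"
          echo "checkout_root=${CHECKOUT_ROOT}"

          # Disk usage is diagnostic only; a missing mount must not fail the job.
          df -h / /tmp /var/tmp "$RUNNER_TEMP" || true
          df -h "$REPO_ROOT" || true
          df -h /nix || true

      - name: Run Publishable KVM Suite
        run: |
          set -euo pipefail
          export PATH="/run/current-system/sw/bin:/usr/bin:/bin:$PATH"
          if [[ -f /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh ]]; then
            . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh
          elif [[ -f "$HOME/.nix-profile/etc/profile.d/nix.sh" ]]; then
            . "$HOME/.nix-profile/etc/profile.d/nix.sh"
          fi

          # Run the suite from the checked-out commit; the suite's single
          # argument is a directory under the runner's temp area.
          cd "$REPO_ROOT"
          bash ./nix/test-cluster/run-publishable-kvm-suite.sh "$RUNNER_TEMP/publishable-kvm-suite"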