Skip to content

CI: provision from manifest.scm via Guix#1

Open
polyedre wants to merge 3 commits into
mainfrom
ci-guix
Open

CI: provision from manifest.scm via Guix#1
polyedre wants to merge 3 commits into
mainfrom
ci-guix

Conversation

@polyedre

Copy link
Copy Markdown
Owner

What

Adds GitHub Actions CI and fixes the dependency provisioning so it can actually build.

  • CI workflow (.github/workflows/ci.yml) — on every push to main and every PR: install Guix, then run make build test test-examples inside guix shell -m manifest.scm.
  • manifest.scm — now declares the real dependencies: guile, guile-json (the (json) module), guile-libyaml (the (yaml) module), jq. It's the single source of truth; CI and dev provision from it identically.
  • test/examples.sh + make test-examples — render each standalone example through its own renderer and assert it exits 0 (smoke, not golden).
  • README — documents the Guile-library deps and the guix shell -m manifest.scm install path; FAQ no longer says "no CI yet".

Why Guix and not apt

The first apt-based attempt went red twice: (hexol k8s)/cmdb import (json) (guile-json) and (hexol ansible) imports (yaml) (guile-libyaml). guile-libyaml is FFI-based (nyacc + guile-bytestructures + libyaml) and isn't packaged for Ubuntu, so building it from apt is a fragile multi-package chain. hexol is already a Guix project (.envrc runs use_guix), so provisioning CI from manifest.scm is reproducible and matches the dev environment.

Verification

Locally, guix shell -m manifest.scm -- make build test test-examples is fully green (kernel/surface/construct/k8s/cmdb tests + all six example renders).

Note: main is currently red — the earlier apt-based CI commits landed there before we switched to PRs. Merging this fixes it.

🤖 Generated with Claude Code

polyedre added 3 commits June 20, 2026 10:58
The apt-based CI couldn't satisfy the build: (hexol k8s)/cmdb need
(json) from guile-json and (hexol ansible) needs (yaml) from
guile-libyaml, which isn't packaged for Ubuntu. hexol is a Guix
project anyway, so CI now installs Guix and runs the suite inside
`guix shell -m manifest.scm`, making the manifest the single source
of truth.

- manifest.scm: add guile-json + guile-libyaml (the real deps).
- ci.yml: install Guix, run make build/test/test-examples in the
  guix shell.
- README: document the Guile-library dependencies and the
  `guix shell -m manifest.scm` install path.

Verified locally: `guix shell -m manifest.scm -- make build test
test-examples` is fully green.
guix-install.sh blocks on a yes/no prompt that piped input can't
satisfy. Switch to the manual binary-tarball install from the Guix
manual: extract, create build users, start the daemon, authorize the
official substitute key, then run the suite in guix shell — all one
step so the backgrounded daemon survives.
examples/terraform.scm reads ~/.ssh/id_*.pub at render time; the
runner has none, so generate an ephemeral key (used only as rendered
data, never to connect).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant