From e1534d6859b2d6a6f725fa2139ad21979f88cb20 Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 08:48:03 +0100
Subject: [PATCH 1/6] Add Nix to CI

---
 .github/workflows/nix.yml | 50 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 .github/workflows/nix.yml

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
new file mode 100644
index 0000000..676995b
--- /dev/null
+++ b/.github/workflows/nix.yml
@@ -0,0 +1,50 @@
+name: Test Nix
+
+on:
+  push:
+    branches:
+      - "**"
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - os: darwin
+            cpu: x86_64
+            base: macos-13 # always x86_64-darwin
+          - os: darwin
+            cpu: arm64
+            base: macos-14 # always arm64-darwin
+          - os: linux
+            cpu: x86_64
+            base: ubuntu-24.04 # always x86_64-linux-gnu
+          - os: linux
+            cpu: aarch64
+            base: arm-4core-linux-ubuntu24.04 # always aarch64-linux-gnu
+        nix:
+          - 24.05
+
+    name: Test Nix (${{ matrix.platform.cpu }}-${{ matrix.platform.os }}, ${{ matrix.nix }})
+    runs-on: ${{ matrix.platform.base }}
+
+    permissions:
+      contents: read
+      id-token: write
+
+    steps:
+      - name: Check CPU arch
+        run: |
+          test "$(uname -m)" = "${{ matrix.platform.cpu }}"
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@v16
+      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - name: Print ruby version
+        run: |
+          nix develop --command which ruby
+          nix develop --command ruby --version
+      - name: Bundle install
+        run: nix develop --command bundle install
+      - name: Run tests
+        run: nix develop --command bundle exec rake docker:list

From 1878ce1c2ba4043b3c161023ce0f2026e8919e0d Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 09:09:09 +0100
Subject: [PATCH 2/6] Remove unused Nix version from matrix

---
 .github/workflows/nix.yml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 676995b..09d9464 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -23,10 +23,8 @@ jobs:
           - os: linux
             cpu: aarch64
             base: arm-4core-linux-ubuntu24.04 # always aarch64-linux-gnu
-        nix:
-          - 24.05
 
-    name: Test Nix (${{ matrix.platform.cpu }}-${{ matrix.platform.os }}, ${{ matrix.nix }})
+    name: Test Nix (${{ matrix.platform.cpu }}-${{ matrix.platform.os }})
     runs-on: ${{ matrix.platform.base }}
 
     permissions:

From 80726df81fbbfc815ab3ab334ed3b2974aa9bb0d Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 09:10:20 +0100
Subject: [PATCH 3/6] Pin nix-installer version

---
 .github/workflows/nix.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 09d9464..4ed1e1c 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -14,15 +14,23 @@ jobs:
           - os: darwin
             cpu: x86_64
             base: macos-13 # always x86_64-darwin
+            nix-installer:
+              platform: x86_64-darwin
           - os: darwin
             cpu: arm64
             base: macos-14 # always arm64-darwin
+            nix-installer:
+              platform: aarch64-darwin
           - os: linux
             cpu: x86_64
             base: ubuntu-24.04 # always x86_64-linux-gnu
+            nix-installer:
+              platform: x86_64-linux
           - os: linux
             cpu: aarch64
             base: arm-4core-linux-ubuntu24.04 # always aarch64-linux-gnu
+            nix-installer:
+              platform: aarch64-linux
 
     name: Test Nix (${{ matrix.platform.cpu }}-${{ matrix.platform.os }})
     runs-on: ${{ matrix.platform.base }}
@@ -37,6 +45,8 @@ jobs:
           test "$(uname -m)" = "${{ matrix.platform.cpu }}"
       - uses: actions/checkout@v4
       - uses: DeterminateSystems/nix-installer-action@v16
+        with:
+          source-url: https://github.com/DeterminateSystems/nix-installer/releases/download/v0.30.0/nix-installer-${{ matrix.platform.nix-installer.platform }}
       - uses: DeterminateSystems/magic-nix-cache-action@v8
       - name: Print ruby version
         run: |

From ce8c083eb0b02dcd9f02a45926678f78d9f35ea8 Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 09:17:56 +0100
Subject: [PATCH 4/6] Add Nix version diagnostic information

---
 .github/workflows/nix.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 4ed1e1c..c2ef816 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -48,6 +48,9 @@ jobs:
         with:
           source-url: https://github.com/DeterminateSystems/nix-installer/releases/download/v0.30.0/nix-installer-${{ matrix.platform.nix-installer.platform }}
       - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - name: Print Nix version
+        run: |
+          nix --version
       - name: Print ruby version
         run: |
           nix develop --command which ruby

From 49217f36db1c4175e7d780311c5b74b1013a2f18 Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 09:43:19 +0100
Subject: [PATCH 5/6] Disable credential storage

---
 .github/workflows/nix.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index c2ef816..7370d54 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -44,6 +44,8 @@ jobs:
         run: |
           test "$(uname -m)" = "${{ matrix.platform.cpu }}"
       - uses: actions/checkout@v4
+        with:
+          persist-credentials: false
       - uses: DeterminateSystems/nix-installer-action@v16
         with:
           source-url: https://github.com/DeterminateSystems/nix-installer/releases/download/v0.30.0/nix-installer-${{ matrix.platform.nix-installer.platform }}

From 715e206bc4d806e32e4f0c24139c01baf967a8e5 Mon Sep 17 00:00:00 2001
From: Loic Nageleisen <loic.nageleisen@datadoghq.com>
Date: Wed, 27 Nov 2024 11:45:14 +0100
Subject: [PATCH 6/6] Pin Nix actions

---
 .github/workflows/nix.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/nix.yml b/.github/workflows/nix.yml
index 7370d54..b2779b1 100644
--- a/.github/workflows/nix.yml
+++ b/.github/workflows/nix.yml
@@ -46,10 +46,10 @@ jobs:
       - uses: actions/checkout@v4
         with:
           persist-credentials: false
-      - uses: DeterminateSystems/nix-installer-action@v16
+      - uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d
         with:
           source-url: https://github.com/DeterminateSystems/nix-installer/releases/download/v0.30.0/nix-installer-${{ matrix.platform.nix-installer.platform }}
-      - uses: DeterminateSystems/magic-nix-cache-action@v8
+      - uses: DeterminateSystems/magic-nix-cache-action@87b14cf437d03d37989d87f0fa5ce4f5dc1a330b
       - name: Print Nix version
         run: |
           nix --version