From b9e160e120ecaa42ecd495d93de11e530265c541 Mon Sep 17 00:00:00 2001
From: Daniel Salazar
Date: Wed, 5 Apr 2023 14:57:09 -0500
Subject: [PATCH] feat(build): #1064 buildjet arm runners - Use buildjet arm runners for building arm containers
Signed-off-by: Daniel Salazar
---
 .github/workflows/prod.yml | 38 +++++++++++++++++++---
 makes.nix | 31 +++++++++++++++---
 src/args/lint-nix/default.nix | 25 +++++++-------
 src/evaluator/modules/lint-nix/default.nix | 5 +--
 4 files changed, 74 insertions(+), 25 deletions(-)
diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml
index 6889cf2f..e3863005 100644
--- a/.github/workflows/prod.yml
+++ b/.github/workflows/prod.yml
@@ -2,7 +2,7 @@ concurrency:
 cancel-in-progress: true
 group: ${{ github.actor }}
 jobs:
- deployContainerImage_makesLatest:
+ deployContainerImage_makesLatestAmd64:
 if: ${{ github.repository == 'fluidattacks/makes' }}
 runs-on: ubuntu-latest
 permissions:
@@ -16,8 +16,23 @@ jobs:
 GITHUB_TOKEN: ${{ github.token }}
 with:
 set-safe-directory: /github/workspace
- args: sh -c "nix-env -if . && m . /deployContainerImage/makesLatest"
+ args: sh -c "nix-env -if . && m . /deployContainerImage/makesLatestAmd64"
+ deployContainerImage_makesLatestArm64:
+ if: ${{ github.repository == 'fluidattacks/makes' }}
+ runs-on: buildjet-2vcpu-ubuntu-2204-arm
+ permissions:
+ packages: write
+ id-token: write
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ - uses: docker://docker.io/nixos/nix@sha256:1d13ae379fb8caf3f859c5ce7ec6002643d60cf8b7b6147b949cc34880c93bac
+ env:
+ GITHUB_ACTOR: ${{ github.actor }}
+ GITHUB_TOKEN: ${{ github.token }}
+ with:
+ set-safe-directory: /github/workspace
+ args: sh -c "nix-env -if . && m . /deployContainerImage/makesLatestArm64"
- deployContainerImage_makesPinned:
+ deployContainerImage_makesPinnedAmd64:
 if: ${{ github.repository == 'fluidattacks/makes' }}
 runs-on: ubuntu-latest
 permissions:
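Review bot: The added `deployContainerImage_makesLatestArm64` job grants `packages: write` and `id-token: write` to a job that runs on `buildjet-2vcpu-ubuntu-2204-arm`, so the registry push token and the job's OIDC identity are handed to a runner that, going by its label, is hosted outside GitHub's own fleet. That trust decision deserves a comment above `runs-on`, for example `# third-party arm runner: receives GITHUB_TOKEN (packages: write) and the OIDC token; keep job permissions minimal`. If the OIDC token is only needed for image signing, consider building on the arm runner and doing the push and signing from a GitHub-hosted job instead. The same applies to `deployContainerImage_makesPinnedArm64` in the following hunk.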
@@ -31,7 +46,22 @@ jobs:
 GITHUB_TOKEN: ${{ github.token }}
 with:
 set-safe-directory: /github/workspace
- args: sh -c "nix-env -if . && m . /deployContainerImage/makesPinned"
+ args: sh -c "nix-env -if . && m . /deployContainerImage/makesPinnedAmd64"
+ deployContainerImage_makesPinnedArm64:
+ if: ${{ github.repository == 'fluidattacks/makes' }}
+ runs-on: buildjet-2vcpu-ubuntu-2204-arm
+ permissions:
+ packages: write
+ id-token: write
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ - uses: docker://docker.io/nixos/nix@sha256:1d13ae379fb8caf3f859c5ce7ec6002643d60cf8b7b6147b949cc34880c93bac
+ env:
+ GITHUB_ACTOR: ${{ github.actor }}
+ GITHUB_TOKEN: ${{ github.token }}
+ with:
+ set-safe-directory: /github/workspace
+ args: sh -c "nix-env -if . && m . /deployContainerImage/makesPinnedArm64"
 releaseGitHub:
 if: ${{ github.repository == 'fluidattacks/makes' }}
 runs-on: ubuntu-latest
diff --git a/makes.nix b/makes.nix
index 4bb6e897..33278ca6 100644
--- a/makes.nix
+++ b/makes.nix
@@ -1,5 +1,4 @@
 {
- __nixpkgs__,
 fetchNixpkgs,
 inputs,
 outputs,
@@ -26,7 +25,7 @@
 };
 deployContainerImage = {
 images = {
- makesLatest = {
+ makesLatestAmd64 = {
 attempts = 3;
 credentials = {
 token = "GITHUB_TOKEN";
@@ -35,9 +34,9 @@
 registry = "ghcr.io";
 src = outputs."/container-image";
 sign = true;
- tag = "fluidattacks/makes:latest";
+ tag = "fluidattacks/makes/amd64:latest";
 };
- makesPinned = {
+ makesLatestArm64 = {
 attempts = 3;
 credentials = {
 token = "GITHUB_TOKEN";
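Review bot: After the retag in the `@@ -35,9 +34,9 @@` hunk of makes.nix, nothing visible in this patch still publishes `fluidattacks/makes:latest`; the image now goes to `fluidattacks/makes/amd64:latest`, and the next hunk drops `fluidattacks/makes:23.04` the same way. Consumers that pull the old tags would keep receiving the last image pushed before this commit, without later fixes, and nothing would fail to tell them. Unless a multi-arch manifest is published under the old names elsewhere, a comment such as `# replaces fluidattacks/makes:latest, which is no longer updated` next to the new `tag` would make the break explicit. The attribute set continues outside the hunk.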
@@ -46,7 +45,29 @@
 registry = "ghcr.io";
 src = outputs."/container-image";
 sign = true;
- tag = "fluidattacks/makes:23.04";
+ tag = "fluidattacks/makes/arm64:latest";
+ };
+ makesPinnedAmd64 = {
+ attempts = 3;
+ credentials = {
+ token = "GITHUB_TOKEN";
+ user = "GITHUB_ACTOR";
+ };
+ registry = "ghcr.io";
+ src = outputs."/container-image";
+ sign = true;
+ tag = "fluidattacks/makes/amd64:23.04";
+ };
+ makesPinnedArm64 = {
+ attempts = 3;
+ credentials = {
+ token = "GITHUB_TOKEN";
+ user = "GITHUB_ACTOR";
+ };
+ registry = "ghcr.io";
+ src = outputs."/container-image";
+ sign = true;
+ tag = "fluidattacks/makes/arm64:23.04";
 };
 };
 };
diff --git a/src/args/lint-nix/default.nix b/src/args/lint-nix/default.nix
index 920e7525..b5593ed7 100644
--- a/src/args/lint-nix/default.nix
+++ b/src/args/lint-nix/default.nix
@@ -7,15 +7,16 @@
 name,
 targets,
 ...
-}: makeScript {
- replace = {
- __argTargets__ = toBashArray targets;
- };
- name = "lint-nix-for-${name}";
- searchPaths = {
- bin = [
- __nixpkgs__.statix
- ];
- };
- entrypoint = ./entrypoint.sh;
- }
+}:
+makeScript {
+ replace = {
+ __argTargets__ = toBashArray targets;
+ };
+ name = "lint-nix-for-${name}";
+ searchPaths = {
+ bin = [
+ __nixpkgs__.statix
+ ];
+ };
+ entrypoint = ./entrypoint.sh;
+}
diff --git a/src/evaluator/modules/lint-nix/default.nix b/src/evaluator/modules/lint-nix/default.nix
index c2f66b24..b95cafe8 100644
--- a/src/evaluator/modules/lint-nix/default.nix
+++ b/src/evaluator/modules/lint-nix/default.nix
@@ -1,7 +1,4 @@
-{
- lintNix,
- ...
-}: {
+{lintNix, ...}: {
 config,
 lib,
 ...
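Review bot: In the `@@ -46,7 +45,29 @@` hunk of makes.nix, `makesPinnedAmd64` and `makesPinnedArm64` (like the two `makesLatest*` entries) share the same `src = outputs."/container-image"`, so the architecture promised by the tag appears to depend only on which runner executes the target. Running `/deployContainerImage/makesPinnedArm64` on an x86_64 host would then, presumably, push and sign an amd64 image under `fluidattacks/makes/arm64:23.04`. A comment such as `# must be built on an aarch64 host; the tag is not checked against the build system` on the arm64 entries would document that assumption. As a style point, the four near-identical attribute sets could come from one small helper that takes the architecture and version.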