ci: fine-grain trigger conditions

.github/workflows/cargo-audit.yml

@@ -1,4 +1,4 @@
-name: Security audit
+name: "Security audit"
 on:
   workflow_call:
   workflow_dispatch:

.github/workflows/cargo-build.yml

@@ -0,0 +1,40 @@
+name: "Build with Cargo"
+on:
+  workflow_call:
+  workflow_dispatch:
+  push:
+    branches: ["master"]
+  pull_request:
+    branches: ["master"]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - uses: cachix/install-nix-action@v26
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+
+      - name: Install dependencies
+        run: nix profile install --inputs-from .#
+
+      - uses: actions-rs/toolchain@v1
+        name: Install rust toolchain
+        with:
+          toolchain: nightly
+          override: true
+
+      - uses: Swatinem/rust-cache@v2
+        name: Add caching
+
+      - uses: actions-rs/cargo@v1
+        name: Build crate
+        with:
+          command: build
+          args: --verbose

.github/workflows/cargo-update.yml

@@ -1,6 +1,7 @@
 name: "Update repository dependencies"
 
 on:
+  workflow_call:
   workflow_dispatch:
   schedule:
     - cron: "0 4 1 * *"
@@ -14,7 +15,7 @@ jobs:
         uses: DeterminateSystems/nix-installer-action@main
 
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Bump nix
         run: nix flake update
@@ -31,12 +32,12 @@ jobs:
         uses: peter-evans/create-pull-request@v4
         with:
           token: "${{ secrets.github_token }}"
-          title: "ci: update inputs"
+          title: "chore: update all inputs"
           author: GitHub <noreply@github.com>
-          branch: update
+          branch: automated-dep-updates
           branch-suffix: timestamp
           delete-branch: true
           commit-message: |
-            Update all inputs
+            chore: update all inputs
 
             Co-authored-by: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>

.github/workflows/nix-build.yml

@@ -0,0 +1,60 @@
+name: "Check flake & Build packages"
+
+on:
+  workflow_call:
+  workflow_dispatch:
+  pull_request:
+    branches: ["master"]
+
+jobs:
+  check-flake:
+    name: "Check flake validity"
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Install Nix
+        uses: DeterminateSystems/nix-installer-action@main
+        with:
+          logger: pretty
+
+      - name: Check Flake
+        run: nix flake check --accept-flake-config
+
+  build:
+    name: "Build Exposed Packages"
+    runs-on: ubuntu-latest
+    needs: check-flake
+    strategy:
+      matrix:
+        package:
+          - anyrun
+          - applications
+          - dictionary
+          - kidex
+          - randr
+          - rink
+          - shell
+          - stdin
+          - symbols
+          - websearch
+    steps:
+      - uses: easimon/maximize-build-space@v8
+        with:
+          overprovision-lvm: true
+          remove-android: true
+          remove-dotnet: true
+          remove-haskell: true
+          remove-docker-images: true
+          remove-codeql: true
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - uses: cachix/install-nix-action@v26
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+
+      - name: Build anyrun from the defined matrix
+        run: nix build .#${{ matrix.package }} --print-build-logs --extra-substituters "https://anyrun.cachix.org"

.github/workflows/nix-cache.yml

@@ -1,13 +1,8 @@
-name: "Set up binary cache & push binaries"
+name: "Check flake & Push built packages to cache"
 
 on:
+  workflow_call:
   workflow_dispatch:
-  pull_request:
-    branches:
-      - master
-    paths-ignore:
-      - .gitignore
-      - README.md
   push:
     branches:
       - master
@@ -33,7 +28,7 @@ jobs:
         run: nix flake check --accept-flake-config
 
   cachix:
-    name: "Build Exposed Packages"
+    name: "Build & Cache Exposed Packages"
     runs-on: ubuntu-latest
     needs: check-flake
     strategy:
@@ -65,13 +60,10 @@ jobs:
       - uses: cachix/install-nix-action@v26
       - uses: DeterminateSystems/magic-nix-cache-action@main
 
-      - uses: cachix/cachix-action@v12
+      - uses: cachix/cachix-action@v14
         with:
           authToken: ${{ secrets.CACHIX_TOKEN }}
           name: anyrun
 
-      - name: Set default git branch (to reduce log spam)
-        run: git config --global init.defaultBranch main
-
       - name: Build anyrun from the defined matrix
         run: nix build .#${{ matrix.package }} --print-build-logs --extra-substituters "https://anyrun.cachix.org"