├── .ci ├── .gitignore ├── push.sh ├── srht-job.yaml └── srht-submit.sh ├── .envrc ├── .github └── workflows │ └── update.yaml ├── .gitignore ├── README.md ├── flake.lock ├── flake.nix ├── generate.nu ├── latest.json ├── packages.nix ├── shell.nix ├── tests └── firefox.nix └── update.nu /.ci/.gitignore: -------------------------------------------------------------------------------- 1 | commit-message -------------------------------------------------------------------------------- /.ci/push.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | set -x 4 | 5 | if [[ ! -f ./.ci/commit-message ]]; then 6 | echo "nothing to push" 7 | exit 0 8 | fi 9 | 10 | ssh-keyscan github.com >> ${HOME}/.ssh/known_hosts 11 | 12 | git status 13 | git add -A . 14 | git status 15 | git diff-index --cached --quiet HEAD || git commit -m "$(cat .ci/commit-message)" 16 | git push origin HEAD 17 | -------------------------------------------------------------------------------- /.ci/srht-job.yaml: -------------------------------------------------------------------------------- 1 | image: nixos/unstable 2 | sources: 3 | - git@github.com:colemickens/flake-firefox-nightly 4 | secrets: 5 | - df3e056f-2931-4a93-86db-e40c2fa6098d # cachix.dhall 6 | - bd070f2a-01d1-4b7b-9795-036deb06912c # id_ed25519 7 | environment: 8 | CI_BUILD: "sr.ht" 9 | tasks: 10 | - prep: | 11 | nix-shell -I 'nixpkgs=https://github.com/nixos/nixpkgs/archive/nixos-unstable.tar.gz' -p git --command "git config --global user.name 'Cole Botkens'" 12 | nix-shell -I 'nixpkgs=https://github.com/nixos/nixpkgs/archive/nixos-unstable.tar.gz' -p git --command "git config --global user.email 'cole.mickens+colebot@gmail.com'" 13 | - flake-update: | 14 | cd flake-firefox-nightly 15 | nix-shell -I 'nixpkgs=https://github.com/nixos/nixpkgs/archive/nixos-unstable.tar.gz' -p nixUnstable --command "nix --experimental-features 'nix-command flakes' flake update --commit-lock-file --no-registries" 16 | - update: | 17 | cd flake-firefox-nightly 18 | nix-shell --pure --keep CI_BUILD --command "./update.sh" 19 | - push: | 20 | cd flake-firefox-nightly 21 | nix-shell --pure --keep CI_BUILD --command "./.ci/push.sh" 22 | -------------------------------------------------------------------------------- /.ci/srht-submit.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | set -x 4 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" 5 | 6 | BUILD_HOST="https://builds.sr.ht" 7 | TOKEN="$(cat "/run/secrets/srht-pat")" # this assumes we're submitting from a colemickens/nixcfg machine 8 | 9 | DATA="$(mktemp)" 10 | MANIFEST="$(jq -aRs . <"${DIR}/srht-job.yaml")" 11 | echo "{ \"tags\": [ \"flake-firefox-nightly\" ], \"manifest\": ${MANIFEST} }" > "${DATA}" 12 | trap "rm ${DATA}" EXIT 13 | 14 | curl \ 15 | -H "Authorization:token ${TOKEN}" \ 16 | -H "Content-Type: application/json" \ 17 | -d "@${DATA}" \ 18 | "${BUILD_HOST}/api/jobs" 19 | -------------------------------------------------------------------------------- /.envrc: -------------------------------------------------------------------------------- 1 | use flake 2 | -------------------------------------------------------------------------------- /.github/workflows/update.yaml: -------------------------------------------------------------------------------- 1 | name: "Update" 2 | on: 3 | workflow_dispatch: 4 | push: 5 | branches: 6 | - 'master' 7 | schedule: 8 | - cron: '*/60 * * * *' 9 | jobs: 10 | update: 11 | timeout-minutes: 15 12 | runs-on: nscloud-ubuntu-22.04-amd64-4x16 13 | steps: 14 | - uses: actions/checkout@v3 15 | with: 16 | fetch-depth: 0 # flakes doesn't work on shallow clones 17 | - name: install-nix 18 | uses: cachix/install-nix-action@v23 19 | with: 20 | github_access_token: ${{ secrets.GITHUB_TOKEN }} 21 | extra_nix_config: | 22 | system-features = kvm nixos-test 23 | experimental-features = nix-command flakes 24 | - uses: cachix/cachix-action@v12 25 | with: 26 | name: nixpkgs-wayland 27 | signingKey: '${{ secrets.cachix_key_nixpkgs_wayland }}' 28 | - name: git-setup 29 | run: | 30 | git config --global user.name 'Cole Botkens' 31 | git config --global user.email 'cole.mickens+colebot@gmail.com' 32 | - name: pre-load-devshell 33 | run: | 34 | nix build '.#devShells.x86_64-linux.default' 35 | - name: update 36 | run: | 37 | set -xeuo pipefail 38 | nix develop -c ./update.nu 39 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | result 2 | result* 3 | 4 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # flake-firefox-nightly 2 | 3 | [![Update](https://github.com/colemickens/flake-firefox-nightly/actions/workflows/update.yaml/badge.svg)](https://github.com/colemickens/flake-firefox-nightly/actions/workflows/update.yaml) 4 | 5 | ## overview 6 | 7 | This is a nix flake that lets you import `firefoxNightly` via flake 8 | in a pinned, safely reproducible manner. 9 | 10 | (put another way, this allows flakes --pure-eval + firefox-nightly, which 11 | otherwise is not so possbile) 12 | 13 | # Usage 14 | 15 | ```nix 16 | { pkgs, inputs, config, ... }: 17 | { 18 | config = { 19 | environment.systemPackages = [ 20 | inputs.firefox.packages.${pkgs.system}.firefox-nightly-bin 21 | ]; 22 | }; 23 | } 24 | ``` 25 | 26 | # Warnings 27 | 28 | 1. The structures of outputs of the flake may change if/when I update to export more of the 29 | firefox-overlay ouputs. (a breaking change for users potentially) 30 | 31 | # Security Warning 32 | 33 | Mozilla expects Firefox Nightly users to run with auto-update 34 | mechanisms to ensure they don't wind up stuck on an old nightly build. 35 | Using `nixpkgs-mozilla` already circumvents some of this philosophy by requiring 36 | you to update your system/profile frequently to get new builds. 37 | 38 | In some (hopefully minor) sense, this flake exacerbates that problem: 39 | 40 | 1. It requires users to update their flakes inputs (though this was already 41 | true for users that were using `niv` etc to pin `nixpkgs-mozilla`). 42 | 43 | 2. This repo adds up to an hour of lag, since the CI job runs on ~1 hour interval. 44 | Depending on when you update your inputs, and when the CI job runs, it's possible 45 | for you to "miss" a newer Nightly build that is actually available. 46 | -------------------------------------------------------------------------------- /flake.lock: -------------------------------------------------------------------------------- 1 | { 2 | "nodes": { 3 | "flake-compat": { 4 | "locked": { 5 | "lastModified": 1746162366, 6 | "narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=", 7 | "owner": "nix-community", 8 | "repo": "flake-compat", 9 | "rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b", 10 | "type": "github" 11 | }, 12 | "original": { 13 | "owner": "nix-community", 14 | "repo": "flake-compat", 15 | "type": "github" 16 | } 17 | }, 18 | "flake-utils": { 19 | "inputs": { 20 | "systems": "systems" 21 | }, 22 | "locked": { 23 | "lastModified": 1731533236, 24 | "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", 25 | "owner": "numtide", 26 | "repo": "flake-utils", 27 | "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", 28 | "type": "github" 29 | }, 30 | "original": { 31 | "owner": "numtide", 32 | "repo": "flake-utils", 33 | "type": "github" 34 | } 35 | }, 36 | "lib-aggregate": { 37 | "inputs": { 38 | "flake-utils": "flake-utils", 39 | "nixpkgs-lib": "nixpkgs-lib" 40 | }, 41 | "locked": { 42 | "lastModified": 1748780094, 43 | "narHash": "sha256-Gddy3E92A65ouVunaGPlVQhANaLpSRn7QWqUKBxDwGA=", 44 | "owner": "nix-community", 45 | "repo": "lib-aggregate", 46 | "rev": "374c7aa8306182d356c6eb0c9387444b1858e503", 47 | "type": "github" 48 | }, 49 | "original": { 50 | "owner": "nix-community", 51 | "repo": "lib-aggregate", 52 | "type": "github" 53 | } 54 | }, 55 | "nixpkgs": { 56 | "locked": { 57 | "lastModified": 1748856973, 58 | "narHash": "sha256-RlTsJUvvr8ErjPBsiwrGbbHYW8XbB/oek0Gi78XdWKg=", 59 | "owner": "nixos", 60 | "repo": "nixpkgs", 61 | "rev": "e4b09e47ace7d87de083786b404bf232eb6c89d8", 62 | "type": "github" 63 | }, 64 | "original": { 65 | "owner": "nixos", 66 | "ref": "nixos-unstable-small", 67 | "repo": "nixpkgs", 68 | "type": "github" 69 | } 70 | }, 71 | "nixpkgs-lib": { 72 | "locked": { 73 | "lastModified": 1748740939, 74 | "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", 75 | "owner": "nix-community", 76 | "repo": "nixpkgs.lib", 77 | "rev": "656a64127e9d791a334452c6b6606d17539476e2", 78 | "type": "github" 79 | }, 80 | "original": { 81 | "owner": "nix-community", 82 | "repo": "nixpkgs.lib", 83 | "type": "github" 84 | } 85 | }, 86 | "root": { 87 | "inputs": { 88 | "flake-compat": "flake-compat", 89 | "lib-aggregate": "lib-aggregate", 90 | "nixpkgs": "nixpkgs" 91 | } 92 | }, 93 | "systems": { 94 | "locked": { 95 | "lastModified": 1681028828, 96 | "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", 97 | "owner": "nix-systems", 98 | "repo": "default", 99 | "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", 100 | "type": "github" 101 | }, 102 | "original": { 103 | "owner": "nix-systems", 104 | "repo": "default", 105 | "type": "github" 106 | } 107 | } 108 | }, 109 | "root": "root", 110 | "version": 7 111 | } 112 | -------------------------------------------------------------------------------- /flake.nix: -------------------------------------------------------------------------------- 1 | { 2 | description = "firefox-nightly"; 3 | 4 | inputs = { 5 | nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; 6 | lib-aggregate.url = "github:nix-community/lib-aggregate"; 7 | flake-compat.url = "github:nix-community/flake-compat"; 8 | }; 9 | 10 | outputs = 11 | inputs: 12 | let 13 | inherit (inputs.lib-aggregate) lib; 14 | versions = builtins.fromJSON (builtins.readFile ./latest.json); 15 | 16 | overlay = 17 | final: prev: 18 | let 19 | mkFirefox = 20 | { 21 | branch, 22 | name, 23 | channel ? "release", 24 | }: 25 | let 26 | inherit (final.stdenv.hostPlatform) system; 27 | 28 | # map nixpkgs systems to mozilla 29 | mozSystem = 30 | { 31 | "x86_64-linux" = "linux-x86_64"; 32 | "aarch64-linux" = "linux-aarch64"; 33 | } 34 | .${system}; 35 | 36 | data = versions.${mozSystem}.${branch}; 37 | 38 | # compatibility with nixpkgs 24.11 and 25.05 39 | pr377863 = lib.functionArgs final.firefox-bin-unwrapped.override ? "applicationName"; 40 | 41 | unwrapped = 42 | if isNull data then 43 | throw "${name} is not available on ${system}!" 44 | else 45 | (final.firefox-bin-unwrapped.override ({ 46 | inherit channel; 47 | generated.version = data.version; 48 | } // lib.optionalAttrs pr377863 { 49 | applicationName = name; 50 | })).overrideAttrs 51 | { 52 | src = final.fetchurl { 53 | inherit (data) url hash; 54 | }; 55 | }; 56 | in 57 | final.wrapFirefox unwrapped ({ 58 | pname = "${unwrapped.binaryName}-bin"; 59 | } // lib.optionalAttrs (!pr377863) { 60 | desktopName = name; 61 | }); 62 | in 63 | { 64 | firefox-bin = mkFirefox { 65 | branch = "release"; 66 | name = "Firefox"; 67 | }; 68 | 69 | firefox-esr-bin = mkFirefox { 70 | branch = "esr"; 71 | name = "Firefox ESR"; 72 | }; 73 | 74 | firefox-beta-bin = mkFirefox { 75 | branch = "beta"; 76 | name = "Firefox Beta"; 77 | channel = "beta"; 78 | }; 79 | 80 | firefox-devedition-bin = mkFirefox { 81 | branch = "devedition"; 82 | name = "Firefox Developer Edition"; 83 | channel = "developer-edition"; 84 | }; 85 | 86 | firefox-nightly-bin = mkFirefox { 87 | branch = "nightly"; 88 | name = "Firefox Nightly"; 89 | channel = "nightly"; 90 | }; 91 | }; 92 | 93 | supportedSystems = [ "x86_64-linux" "aarch64-linux" ]; 94 | 95 | in 96 | { 97 | overlays.default = overlay; 98 | } 99 | // (lib.flake-utils.eachSystem supportedSystems ( 100 | system: 101 | let 102 | pkgs = import inputs.nixpkgs { 103 | inherit system; 104 | config.allowUnfree = true; 105 | }; 106 | 107 | firefoxPkgs = overlay pkgs pkgs; 108 | 109 | # https://nixos.org/manual/nixos/unstable/index.html#sec-calling-nixos-tests 110 | runNixOSTestFor = 111 | pkg: 112 | pkgs.testers.runNixOSTest { 113 | imports = [ ./tests/firefox.nix ]; 114 | defaults = { 115 | # Less dependencies 116 | documentation.enable = false; 117 | }; 118 | _module.args.firefoxPackage = pkg; 119 | }; 120 | in 121 | { 122 | devShells = { 123 | default = pkgs.mkShell { 124 | nativeBuildInputs = with pkgs; [ 125 | cachix 126 | nixVersions.latest 127 | nix-prefetch 128 | nix-build-uncached 129 | bash 130 | cacert 131 | curl 132 | git 133 | jq 134 | mercurial 135 | nushell 136 | openssh 137 | ripgrep 138 | ]; 139 | }; 140 | }; 141 | 142 | packages = firefoxPkgs // { 143 | default = pkgs.linkFarm "firefox-variants" ( 144 | lib.mapAttrsToList (name: value: { 145 | inherit name; 146 | path = value; 147 | }) firefoxPkgs 148 | ); 149 | }; 150 | 151 | checks = builtins.mapAttrs (_: value: runNixOSTestFor value) firefoxPkgs; 152 | } 153 | )); 154 | } 155 | -------------------------------------------------------------------------------- /generate.nu: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env nu 2 | const SYSTEMS = ["linux-x86_64" "linux-aarch64"]; 3 | 4 | def to_sri (hash: string) { 5 | return $"sha512-($hash | decode hex | encode base64)" 6 | } 7 | 8 | def fetch_release (version: string, system: string, extension: string) { 9 | let base = $"https://download.cdn.mozilla.net/pub/firefox/releases/($version)" 10 | 11 | let filename = $"($system)/en-US/firefox-($version).($extension)" 12 | 13 | let row = ( 14 | http get $"($base)/SHA512SUMS" 15 | | from ssv -m 1 --noheaders 16 | | where column1 == $filename 17 | ) 18 | 19 | if ($row | is-not-empty) { 20 | let hash = $row.column0.0 21 | 22 | return { 23 | version: $version, 24 | url: $"($base)/($filename)", 25 | hash: (to_sri $hash) 26 | } 27 | } else { 28 | return null 29 | } 30 | } 31 | 32 | def fetch_nightly (version: string, system: string) { 33 | let product = $"firefox-($version).en-US.($system)"; 34 | let data = http get $"https://download.cdn.mozilla.net/pub/firefox/nightly/latest-mozilla-central/($product).buildhub.json"; 35 | 36 | let url = $data.download.url 37 | 38 | let hash = ( 39 | http get $"($url | path dirname)/($product).checksums" 40 | | from ssv -m 1 --noheaders 41 | | where column1 == "sha512" 42 | | where column3 == ($url | path basename) 43 | ).column0.0 44 | 45 | return { 46 | version: $version, 47 | url: $url, 48 | hash: (to_sri $hash), 49 | date: $data.build.date, 50 | } 51 | } 52 | 53 | let versions = (http get "https://product-details.mozilla.org/1.0/firefox_versions.json") 54 | 55 | let data = ( 56 | $SYSTEMS 57 | | wrap system 58 | | each {|it| { 59 | system: $it.system, 60 | data: { 61 | release: (fetch_release $versions.LATEST_FIREFOX_VERSION $it.system "tar.xz") 62 | esr: (fetch_release $versions.FIREFOX_ESR $it.system "tar.bz2") 63 | beta: (fetch_release $versions.LATEST_FIREFOX_RELEASED_DEVEL_VERSION $it.system "tar.xz") 64 | devedition: (fetch_release $versions.FIREFOX_DEVEDITION $it.system "tar.xz") 65 | nightly: (fetch_nightly $versions.FIREFOX_NIGHTLY $it.system) 66 | } 67 | }} 68 | | transpose --header-row --as-record 69 | ) 70 | 71 | $data | to json | save -f latest.json 72 | -------------------------------------------------------------------------------- /latest.json: -------------------------------------------------------------------------------- 1 | { 2 | "linux-x86_64": { 3 | "release": { 4 | "version": "139.0.1", 5 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/139.0.1/linux-x86_64/en-US/firefox-139.0.1.tar.xz", 6 | "hash": "sha512-kcZO3XN4GsVT8yQJrCKb0t7hkIN4vCyZDzgOb+w10EE1S+CAlJjWEHLezt2XV5Kj/u4WTPsiOdjTs572EfqJlw==" 7 | }, 8 | "esr": { 9 | "version": "128.11.0esr", 10 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/128.11.0esr/linux-x86_64/en-US/firefox-128.11.0esr.tar.bz2", 11 | "hash": "sha512-4nP1K+ePgKhHoPV91e4NDw0MAZluomVyeXn0GZ8cssBAKXuSP/tnvJH+qY4Gl+WM8qxyRH0f7y5B/w3NCLHIvQ==" 12 | }, 13 | "beta": { 14 | "version": "140.0b4", 15 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/140.0b4/linux-x86_64/en-US/firefox-140.0b4.tar.xz", 16 | "hash": "sha512-t/jUQBaw/2NUoot2PG6gEWkJGod7SwGm2pw69t33rjlFdF4bLvDwwQAkgfBLbI2E4zu/WLnK7tu6WAZOiYXk1w==" 17 | }, 18 | "devedition": { 19 | "version": "140.0b4", 20 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/140.0b4/linux-x86_64/en-US/firefox-140.0b4.tar.xz", 21 | "hash": "sha512-t/jUQBaw/2NUoot2PG6gEWkJGod7SwGm2pw69t33rjlFdF4bLvDwwQAkgfBLbI2E4zu/WLnK7tu6WAZOiYXk1w==" 22 | }, 23 | "nightly": { 24 | "version": "141.0a1", 25 | "url": "https://archive.mozilla.org/pub/firefox/nightly/2025/06/2025-06-02-21-11-30-mozilla-central/firefox-141.0a1.en-US.linux-x86_64.tar.xz", 26 | "hash": "sha512-ESnAeNHCTAfImd50QzkEiDDS8+UXj0A8DZsFiL8OYGCywnuVJh05An/ACaydN3Z3tkR36XgJ5I2xwNKi1Wo6aw==", 27 | "date": "2025-06-02T21:11:30Z" 28 | } 29 | }, 30 | "linux-aarch64": { 31 | "release": { 32 | "version": "139.0.1", 33 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/139.0.1/linux-aarch64/en-US/firefox-139.0.1.tar.xz", 34 | "hash": "sha512-8yUMyKzxO8TF+dCZvFrdyjzXcZG8D9xkl16bs4tZ5v5/RhXkui3zCZ4GIraSY+wS4Vb2uhehxxu/MxIBG0Ux3A==" 35 | }, 36 | "esr": null, 37 | "beta": { 38 | "version": "140.0b4", 39 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/140.0b4/linux-aarch64/en-US/firefox-140.0b4.tar.xz", 40 | "hash": "sha512-smqhf9u5zmIPXKbJSotxsx8uW9FO8tZ+8n7JsIz3h2oVj/5HuZ+gBbSYatKt6n0QWXPT1O/M4s5smkN1CcOG2Q==" 41 | }, 42 | "devedition": { 43 | "version": "140.0b4", 44 | "url": "https://download.cdn.mozilla.net/pub/firefox/releases/140.0b4/linux-aarch64/en-US/firefox-140.0b4.tar.xz", 45 | "hash": "sha512-smqhf9u5zmIPXKbJSotxsx8uW9FO8tZ+8n7JsIz3h2oVj/5HuZ+gBbSYatKt6n0QWXPT1O/M4s5smkN1CcOG2Q==" 46 | }, 47 | "nightly": { 48 | "version": "141.0a1", 49 | "url": "https://archive.mozilla.org/pub/firefox/nightly/2025/06/2025-06-02-21-11-30-mozilla-central/firefox-141.0a1.en-US.linux-aarch64.tar.xz", 50 | "hash": "sha512-YcAlvmJmhjK/lYabIy9YmX2IMcZfzpfToxCQgywZGzdAAssLf7zgh1nySP1CtS/Y/qYTuabmUUU6IgTpcJ301Q==", 51 | "date": "2025-06-02T21:11:30Z" 52 | } 53 | } 54 | } -------------------------------------------------------------------------------- /packages.nix: -------------------------------------------------------------------------------- 1 | # This file provides backward compatibility to nix < 2.4 clients 2 | { system ? builtins.currentSystem }: 3 | let 4 | lock = builtins.fromJSON (builtins.readFile ./flake.lock); 5 | 6 | inherit (lock.nodes.flake-compat.locked) owner repo rev narHash; 7 | 8 | flake-compat = fetchTarball { 9 | url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; 10 | sha256 = narHash; 11 | }; 12 | 13 | flake = import flake-compat { inherit system; src = ./.; }; 14 | in 15 | flake.defaultNix.packages.${builtins.currentSystem} -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- 1 | # This file provides backward compatibility to nix < 2.4 clients 2 | { system ? builtins.currentSystem }: 3 | let 4 | lock = builtins.fromJSON (builtins.readFile ./flake.lock); 5 | 6 | inherit (lock.nodes.flake-compat.locked) owner repo rev narHash; 7 | 8 | flake-compat = fetchTarball { 9 | url = "https://github.com/${owner}/${repo}/archive/${rev}.tar.gz"; 10 | sha256 = narHash; 11 | }; 12 | 13 | flake = import flake-compat { inherit system; src = ./.; }; 14 | in 15 | flake.shellNix 16 | -------------------------------------------------------------------------------- /tests/firefox.nix: -------------------------------------------------------------------------------- 1 | ({ pkgs, firefoxPackage, ... }: 2 | { 3 | name = firefoxPackage.unwrapped.pname; 4 | nodes.machine = 5 | { modulesPath, ... }: 6 | 7 | { imports = [ (modulesPath + "/../tests/common/x11.nix") ]; 8 | environment.systemPackages = [ 9 | firefoxPackage 10 | ]; 11 | services.journald.console = "/dev/ttyS0"; 12 | }; 13 | 14 | testScript = '' 15 | machine.wait_for_x() 16 | 17 | with subtest("Wait until Firefox has finished loading the Valgrind docs page"): 18 | machine.succeed( 19 | "systemd-run -E DISPLAY=:0 -E MOZ_LOG=all:3 ${firefoxPackage.unwrapped.binaryName} file://${pkgs.valgrind.doc}/share/doc/valgrind/html/index.html" 20 | , timeout=5 21 | ) 22 | machine.wait_for_window("Valgrind", timeout=120) 23 | machine.sleep(20) 24 | machine.screenshot("screen") 25 | ''; 26 | 27 | }) 28 | -------------------------------------------------------------------------------- /update.nu: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env nu 2 | print -e $"::group::flake-lock-update" 3 | do { 4 | nix flake update --commit-lock-file 5 | } 6 | print -e $"::endgroup::" 7 | 8 | print -e $"::group::firefox-update" 9 | let commitmsg = do { 10 | let oldversion = (cat latest.json | jq -r '."linux-x86_64".nightly.date') 11 | 12 | print -e $"::notice ::oldversion=($oldversion)" 13 | 14 | ./generate.nu 15 | 16 | let newversion = (cat latest.json | jq -r '."linux-x86_64".nightly.date') 17 | 18 | print -e $"::notice ::newversion=($newversion)" 19 | 20 | $"firefox-nightly-bin: ($oldversion) -> ($newversion)" 21 | } 22 | print -e "::endgroup::" 23 | 24 | print -e $"::group::nix-build" 25 | do { 26 | nix build . --keep-going -L 27 | } 28 | print -e $"::endgroup::" 29 | 30 | print -e $"::group::nix-flake-check" 31 | try { 32 | nix flake check --keep-going -j1 -L 33 | print -e $"::notice ::nix flake check = pass" 34 | } catch { 35 | print -e $"::warning ::nix flake check = FAIL" 36 | } 37 | print -e $"::endgroup::" 38 | 39 | print -e $"::group::git-commit-push" 40 | if ("GITHUB_ACTIONS" in $env) { 41 | print -e $"::notice ::commitmsg=($commitmsg)" 42 | do -i { 43 | git commit ./latest.json -m $commitmsg 44 | git push origin HEAD 45 | } 46 | } else { 47 | print -e $"skipping git actions, we're not running in GitHub Actions" 48 | } 49 | print -e $"::endgroup::" 50 | --------------------------------------------------------------------------------