chore(contractiles): add bust/ + relocate k9 to svc/ #169
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-License-Identifier: PMPL-1.0-or-later | |
| name: Guix/Nix Package Policy | |
| on: [push, pull_request] | |
| permissions: | |
| contents: read | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 | |
| - name: Enforce Guix primary / Nix fallback | |
| run: | | |
| HAS_GUIX=$(find . -name "*.scm" -o -name ".guix-channel" -o -name "guix.scm" 2>/dev/null | head -1) | |
| HAS_NIX=$(find . -name "*.nix" 2>/dev/null | head -1) | |
| NEW_LOCKS=$(git diff --name-only --diff-filter=A HEAD~1 2>/dev/null | grep -E 'package-lock\.json|yarn\.lock|Gemfile\.lock|Pipfile\.lock|poetry\.lock|cargo\.lock' || true) | |
| if [ -n "$NEW_LOCKS" ]; then | |
| echo "Lock files detected. Prefer Guix manifests for reproducibility." | |
| fi | |
| if [ -n "$HAS_GUIX" ]; then | |
| echo "Guix package management detected (primary)" | |
| elif [ -n "$HAS_NIX" ]; then | |
| echo "Nix package management detected (fallback)" | |
| else | |
| echo "Consider adding guix.scm or flake.nix for reproducible builds" | |
| fi | |
| echo "Package policy check passed" |