Noa Aarts
0e27bc3f9e
github/workflows/eval: add markdown of added, removed and changed
2024-11-30 13:47:49 +01:00
Silvan Mosberger
af1aa40e73
workflows/eval.yml: Run on dev branch pushes and apply rebuild labels
2024-11-28 22:24:23 +01:00
Silvan Mosberger
19db54eda1
workflows/eval: Minor fixes, ensure the correct commit is checked out
...
- `env.mergedSha` is empty, so it checked out the master version by
default
- The process step used `needs.attrs.outputs.mergedSha`, but apparently
that's empty unless `attrs` is declared as a `needs`, even though
`outputs` implicitly depends on `attrs`
2024-11-21 20:01:18 +01:00
Zhong Jianxin
f80720823b
workflows/eval: avoid potential script injection attack
...
Although matrix.system is supposed to be generated from trusted code,
we'd better follow [Github Actions good practices][1].
[1]: https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
2024-11-20 20:50:24 +08:00
Silvan Mosberger
fbbe972898
Parallel GH actions workflow for Nixpkgs eval
...
Motivated by ofborg struggling [1] and its evaluations taking too long,
inspired by Jörg's initial PR [2]
and Adam's previous attempt to parallelise Nixpkgs evaluation [3],
this PR contains initial work to relief ofborg from its evaluation duty
by using GitHub Actions to evaluate Nixpkgs.
For now this doesn't take care of all of what ofborg does, such as
requesting appropriate reviewers or labeling mass rebuilds, but this can
be follow-up work.
[1]: https://discourse.nixos.org/t/infrastructure-announcement-the-future-of-ofborg-your-help-needed/56025?u=infinisil
[2]: https://github.com/NixOS/nixpkgs/pull/352808
[3]: https://github.com/NixOS/nixpkgs/pull/269403
Co-Authored-By: Jörg Thalheim <joerg@thalheim.io>
Co-Authored-By: Adam Joseph <adam@westernsemico.com>
2024-11-20 10:35:56 +01:00
