Commit Graph

925 Commits

Author SHA1 Message Date
Pol Dellaiera
e012442a7e
workflows/eval: Clear unnecessary rebuild labels (#360277) 2024-11-30 09:20:53 +01:00
Pol Dellaiera
46fba61472
workflows/eval: Make sure to compare against the push run (#360274) 2024-11-30 09:19:42 +01:00
Zhong Jianxin
c318085efa ci/check-shell: fix ci/** path 2024-11-30 10:32:54 +08:00
Silvan Mosberger
ea65e3038a workflows/eval: Clear unnecessary rebuild labels
Previously the labels would never be removed, even if the number of
rebuilds changed
2024-11-30 03:00:58 +01:00
Silvan Mosberger
b3e8e251f3 workflows/eval: Make sure to compare against the push run
For PRs whose commits end up as HEAD of master like
bcc5c141bf,
there might be workflow runs associated with both PRs and pushes.

Only the push event is the one that will run fully and should be used to compare against.
So far it didn't distinguish between the two events, causing it to
sometimes pick the wrong one and then fail to download non-existent
artifacts: https://github.com/NixOS/nixpkgs/actions/runs/12092053414/job/33721377179

This commit fixes that by ensuring that the push event result is
compared against
2024-11-30 02:08:53 +01:00
Jörg Thalheim
cb016f116b ci/check-shell: only run if shell.nix or ./ci/** is changed
saves a bit of CI time
2024-11-29 23:34:33 +01:00
Jörg Thalheim
82434f382c
Use GHA eval to assign rebuild labels (#359704) 2024-11-29 23:21:39 +01:00
Philip Taron
b61dffc48e
ant: modernize, update primary name (#360077) 2024-11-29 09:57:18 -08:00
Aleksana
e1c06e7f84
.github/labeler.yml: add ruby label for gem changes (#357031) 2024-11-29 17:12:34 +08:00
Tomodachi94
4f2b642f6c apacheAnt: make ant the primary name
apacheAnt is unused in the tree; `ant` is more commonly used.
2024-11-29 01:19:02 +00:00
Silvan Mosberger
af1aa40e73 workflows/eval.yml: Run on dev branch pushes and apply rebuild labels 2024-11-28 22:24:23 +01:00
Tomodachi94
2342cc1a40 .github/labeler.yml: add more paths to Java
All of these are in the Java team's scope, so
we should add them to the Java label.
2024-11-23 18:33:00 +00:00
Jörg Thalheim
eeb87082a9 add actionlint script 2024-11-22 14:16:17 +01:00
Jörg Thalheim
2adf409581 ci/check-nixf-tidy: replace sed with variable substitution
Update .github/workflows/check-nixf-tidy.yml

Co-authored-by: Zhong Jianxin <azuwis@users.noreply.github.com>
2024-11-22 14:16:17 +01:00
Jörg Thalheim
b998723321 ci/editorconfig-v2: useless use of cat 2024-11-22 08:33:41 +01:00
Silvan Mosberger
19db54eda1 workflows/eval: Minor fixes, ensure the correct commit is checked out
- `env.mergedSha` is empty, so it checked out the master version by
default
- The process step used `needs.attrs.outputs.mergedSha`, but apparently
  that's empty unless `attrs` is declared as a `needs`, even though
  `outputs` implicitly depends on `attrs`
2024-11-21 20:01:18 +01:00
Zhong Jianxin
f80720823b workflows/eval: avoid potential script injection attack
Although matrix.system is supposed to be generated from trusted code,
we'd better follow [Github Actions good practices][1].

[1]: https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
2024-11-20 20:50:24 +08:00
Jörg Thalheim
6d2d99ef57
Parallel GH actions workflow for Nixpkgs eval (#356023) 2024-11-20 19:49:18 +01:00
Silvan Mosberger
fbbe972898 Parallel GH actions workflow for Nixpkgs eval
Motivated by ofborg struggling [1] and its evaluations taking too long,
inspired by Jörg's initial PR [2]
and Adam's previous attempt to parallelise Nixpkgs evaluation [3],
this PR contains initial work to relief ofborg from its evaluation duty
by using GitHub Actions to evaluate Nixpkgs.

For now this doesn't take care of all of what ofborg does, such as
requesting appropriate reviewers or labeling mass rebuilds, but this can
be follow-up work.

[1]: https://discourse.nixos.org/t/infrastructure-announcement-the-future-of-ofborg-your-help-needed/56025?u=infinisil
[2]: https://github.com/NixOS/nixpkgs/pull/352808
[3]: https://github.com/NixOS/nixpkgs/pull/269403

Co-Authored-By: Jörg Thalheim <joerg@thalheim.io>
Co-Authored-By: Adam Joseph <adam@westernsemico.com>
2024-11-20 10:35:56 +01:00
Kenichi Kamiya
05a28af51b
.github/labeler.yml: add ruby label for gem changes 2024-11-19 02:27:44 +09:00
Thiago Kenji Okada
9e6ece3ee1 nixos-rebuild-ng: init 2024-11-15 18:27:16 +00:00
Tristan Ross
90fcf3aa7e
25.05 is Warbler 2024-11-14 09:10:54 -08:00
Sefa Eyeoglu
5603504a8d
.github: Use consistent (and correct) formatting across issue templates (#354721) 2024-11-13 23:48:40 +01:00
Patka
c53f8b4954
.github/labeler.yml: assign PHP label to PHP nixos tests (#355682) 2024-11-13 23:18:53 +01:00
Gavin John
d385091084
.github: Use consistent (and correct) formatting across issue templates 2024-11-09 12:54:00 -08:00
Gavin John
b156e98213
.github: Add a "Module requests" issue template 2024-11-09 01:03:07 -08:00
jopejoe1
e5d280c40b .github/labeler.yml: remove darwin and bsd 2024-11-08 19:48:59 +01:00
jopejoe1
1cd7975c3b .github/labeler.yml: add automatic labeling for more topics 2024-11-06 19:57:56 +01:00
Sefa Eyeoglu
7d6fe54a06
.github/labeler.yml: add nixos label to switch-to-configuration-ng pull requests
Signed-off-by: Sefa Eyeoglu <contact@scrumplex.net>
2024-11-01 11:50:13 +01:00
K900
0c45a8b5c4 Merge remote-tracking branch 'origin/master' into staging-next 2024-10-28 21:46:13 +03:00
K900
66f01b7af9 Merge remote-tracking branch 'origin/master' into staging-next 2024-10-28 15:11:30 +03:00
dependabot[bot]
6baeff261f
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](eef61447b9...11bd71901b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-28 11:50:56 +00:00
Emery Hemingway
da6da7189e buildNimPackage: move into /pkgs/build-support, tidy OWNERS 2024-10-28 10:26:14 +00:00
K900
f21f4ca3ee Merge remote-tracking branch 'origin/master' into staging-next 2024-10-26 21:05:47 +03:00
Francesco Gazzetta
1009ec8796 tclPackages: init 2024-10-26 16:23:15 +00:00
Silvan Mosberger
5bbbc3a30b workflows: Rename after security fixes
In the previous two commits, security issues with these workflows were
fixed. In order for these to not be exploitable for PRs to branches that
don't have the fixes yet (including read-only branches like
nixos-unstable), these workflows are renamed, so that the old ones can
be turned off manually via GitHub interface.

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:30:52 +02:00
Silvan Mosberger
6b8ce4aedf workflows: Fix security issues
read-all permissions gives access to e.g. security-events, which these
don't need, and can easily lead to leaks

Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:03:37 +02:00
Silvan Mosberger
59aee1ca5d workflows/codeowners: Fix security issue
Co-Authored-By: 13x1 <tori@disroot.org>
Co-Authored-By: basti564 <e3e@disroot.org>
2024-10-26 15:01:12 +02:00
K900
7f898ed413 Merge remote-tracking branch 'origin/master' into staging-next 2024-10-25 21:06:42 +03:00
Victor Engmark
54e4669c75 docs: Clarify how to provide technical details/metadata
`nix-info -m` outputs Markdown, so it makes more sense to include it in
issues verbatim than within a preformatted code block.

Co-authored-by: Gavin John <gavinnjohn@gmail.com>
2024-10-25 10:12:44 +02:00
github-actions[bot]
2f507992fe
Merge master into staging-next 2024-10-22 06:05:03 +00:00
Cole Helbling
705fdd9ccc ci/basic-eval: check that flake outputs are valid 2024-10-16 08:49:28 -07:00
github-actions[bot]
05ae933cd6
Merge master into staging-next 2024-10-16 12:05:34 +00:00
zowoq
f30a046672 .github/workflows: remove update-terraform-providers
semi-broken, will try using r-ryantm bot for updates instead
2024-10-16 17:20:57 +10:00
github-actions[bot]
e2daa3d1b0
Merge master into staging-next 2024-10-15 18:04:32 +00:00
dependabot[bot]
f3143a7eda
build(deps): bump actions/checkout from 4.2.0 to 4.2.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 11:35:32 +00:00
github-actions[bot]
bf97df9c1c
Merge staging-next into staging 2024-10-13 00:15:51 +00:00
Philip Taron
d6d9c6125a
Improve PR merge check for CI (#347786) 2024-10-12 09:11:24 -07:00
Silvan Mosberger
7f9d297838 workflows/nixpkgs-vet: Make merge check script reusable
This is useful for other workflows as well. Originally I thought it
couldn't be put in the repo, but it can (just needs another checkout)
2024-10-12 03:58:39 +02:00
Silvan Mosberger
f9b28d5678 workflows/codeowners: Cache codeowner validator build
The codeowner-validator build declared in ci/codeowners-validator was
not cached before and needed to be built for every PR, which is slow and
wasteful: https://github.com/NixOS/nixpkgs/actions/runs/11280533037/job/31373720922
2024-10-10 21:21:22 +02:00