Commit Graph

246 Commits

Author SHA1 Message Date
Thomas Gerbet
01127f2276 ci: fix the branch patterns of the 'Check cherry-picks' action
For reference on the acceptable pattern:
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2024-04-09 19:27:11 +02:00
Thomas Gerbet
413f064414
Merge pull request #172098 from risicle/ris-cherry-pick-check
add "check cherry-picks" github action
2024-04-08 22:00:51 +02:00
Will Bush
1ec2e2cf1c
Optimize check-maintainers-sorted workflow with sparse checkout
Only lib and maintainers directories are needed to perform the check.
2024-04-06 17:38:33 -05:00
Thomas Gerbet
bb0849ee63
Merge pull request #300663 from NixOS/dependabot/github_actions/korthout/backport-action-2.5.0
build(deps): bump korthout/backport-action from 2.4.1 to 2.5.0
2024-04-04 16:39:37 +02:00
zimbatm
3bfad41ad1 ci: fix the manual cache auth token
I reset the cache by mistake.
2024-04-04 11:52:24 +02:00
Someone Serge
a20f661a2c workflows/check-nix-format.yml: pin nixpkgs (fix staging) 2024-04-03 18:20:36 +00:00
Robert Scott
fbad66daa5 add "Check cherry-picks" github action
the intention being to catch commits which declare themselves as
cherry-picks, but either:

 - don't refer to a commit in the master or staging branches
 - are significantly altered from their original commit

determining the latter is not an exact science, but the heuristic of
looking for differences in only the added or removed lines seems to
work quite well. still, this should be considered an assistant
for reviewers rather than a hard failure. unfortunately github
workflows don't have a way of raising a gentle warning instead of a
failure.

the formatting of the output also leaves something to be desired due
to the limitations of github actions' "group" commands.
2024-04-01 16:10:13 +01:00
dependabot[bot]
afca39ba9d
build(deps): bump korthout/backport-action from 2.4.1 to 2.5.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](e8161d6a0d...ef20d86abc)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-04-01 11:22:55 +00:00
Connor Baker
d94495d5bc workflows/check-nix-format.yml: init 2024-04-01 01:14:31 +00:00
Silvan Mosberger
f7ea336cb2 workflows/check-by-name.yml: Switch to new separate repo
The nixpkgs-check-by-name tooling is [being moved](https://github.com/NixOS/nixpkgs/issues/286559#issuecomment-2000466124)
to a [separate repo](https://github.com/NixOS/nixpkgs-check-by-name).

This commit updates Nixpkgs CI to use it instead of the tree inside
Nixpkgs

No changes have been made to the tooling locally since it was moved:
- [Exported history](55bf02190e/pkgs/test/nixpkgs-check-by-name)
- [Imported history](d579e1821d/)
2024-03-26 21:24:48 +01:00
Martin Weinelt
f9cedd883a
Merge pull request #296887 from NixOS/dependabot/github_actions/actions/checkout-4.1.2
build(deps): bump actions/checkout from 4.1.1 to 4.1.2
2024-03-18 15:33:51 +01:00
dependabot[bot]
b6ed496a0a
build(deps): bump peter-evans/create-pull-request from 6.0.1 to 6.0.2
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](a4f52f8033...70a41aba78)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 11:50:35 +00:00
dependabot[bot]
677b0f82c7
build(deps): bump actions/checkout from 4.1.1 to 4.1.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](b4ffde65f4...9bb56186c3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 11:50:32 +00:00
Martin Weinelt
a7d38622e7
Merge pull request #273526 from NixOS/dependabot/github_actions/actions/labeler-5.0.0
build(deps): bump actions/labeler from 4.3.0 to 5.0.0
2024-03-17 14:31:50 +01:00
Thomas Gerbet
3d6c24d5e9
Merge pull request #284754 from NixOS/dependabot/github_actions/korthout/backport-action-2.4.1
build(deps): bump korthout/backport-action from 2.1.1 to 2.4.1
2024-03-17 12:32:39 +01:00
dependabot[bot]
98748903e3 build(deps): bump actions/labeler from 4.3.0 to 5.0.0
Bumps [actions/labeler](https://github.com/actions/labeler) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](ac9175f8a1...8558fd7429)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 12:24:44 +01:00
dependabot[bot]
1fb53efbbf
build(deps): bump cachix/install-nix-action from 25 to 26
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 25 to 26.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](6004951b18...8887e596b4)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-11 11:39:15 +00:00
dependabot[bot]
33386e9f4b
build(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.1
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.2 to 6.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](153407881e...a4f52f8033)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-04 11:03:26 +00:00
figsoda
9fc8a3074f workflows/periodic-merge: drop 23.05 jobs 2024-01-29 12:07:40 -05:00
dependabot[bot]
55aa362927
build(deps): bump peter-evans/create-or-update-comment
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 3.1.0 to 4.0.0.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](23ff15729e...71345be026)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 11:48:14 +00:00
dependabot[bot]
298e5fddd3
build(deps): bump korthout/backport-action from 2.1.1 to 2.4.1
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.1.1 to 2.4.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](08bafb375e...e8161d6a0d)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 11:48:05 +00:00
Silvan Mosberger
0825957f54 workflows/check-by-name: Trigger on base branch changes
Not doing this can cause CI to report a misleading result when it wasn't
retriggered after a base branch change.
2024-01-21 22:47:10 +01:00
dependabot[bot]
7776440255
build(deps): bump cachix/cachix-action from 13 to 14 (#281122)
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 13 to 14.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](6a2e08b5eb...18cf96c7c9)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 17:10:26 +01:00
dependabot[bot]
7a6810eb0f
build(deps): bump cachix/install-nix-action from 24 to 25 (#281120)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 24 to 25.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](7ac1ec2549...6004951b18)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 17:08:54 +01:00
Silvan Mosberger
8cf3cd91b2 check-by-name: Update contributor docs
Now that the tooling is pinned instead of being fetched indirectly from
the channel, the docs need some updating
2024-01-17 21:26:39 +01:00
Silvan Mosberger
50d57f6236 check-by-name: Fix CI
Wasn't detected in https://github.com/NixOS/nixpkgs/pull/281407
2024-01-17 21:26:12 +01:00
Silvan Mosberger
9da57b5bd3 check-by-name/run-local.sh: Make it usable for non-CI platforms
Since https://github.com/NixOS/nixpkgs/pull/281374, the
nixpkgs-check-by-name tooling is pinned to a specific /nix/store path to
avoid having to evaluate Nixpkgs in CI.

The same path is used for local runs, but that doesn't actually work
when you're trying to run it on a platform different from CI.

This commit makes it work by being clearer about platforms and making
local runs check out the correct Nixpkgs to evaluate the tool from.
2024-01-17 10:45:23 +01:00
Silvan Mosberger
aaa6573ed5
Merge pull request #281374 from tweag/by-name-check-pin
workflows/check-by-name: Pin nixpkgs-check-by-name tool
2024-01-16 21:48:03 +01:00
Silvan Mosberger
cc422e321e workflows/check-by-name: Pin nixpkgs-check-by-name tool
Before this, the tool for CI would update when nixos-unstable updated,
which is kind of terrible because you don't know when it happens, and it
might break master.

In fact, the tooling _right now_ has a serious bug and shouldn't be used!

This PR addresses this by _pinning_ the tooling in Nixpkgs itself.

Updating the tooling now requires two PRs:
- The first PR to update the tooling source
- (wait for Hydra to build and publish it in nixos-unstable)
- The second PR to update the pinned tooling

In turn you know exactly when the changes are going to take effect.

This change however has additional benefits:
- It makes CI more reproducible, because it doesn't depend on the state
  of nixos-unstable anymore
- Updates to the tooling can be tested with the workflow itself,
  because PRs that update the pinned tool will be tested on the updated
  version
- CI gets a sizable speed boost, because there's no need to download and
  evaluate a channel anymore
- It makes it more realistic to move the source of the tool into a
  separate repository
- It removes the brittle branch-specific logic that was previously
  needed to ensure that release branches use their own version of the
  tooling.
2024-01-16 19:58:19 +01:00
Janne Heß
2ccf45ee95
ci: Fix nix-parse workflow
The nix_path definition was missing :/
2024-01-16 19:07:37 +01:00
Janne Heß
d722b456e8
ci: Only check nix files when any nix file changed 2024-01-16 09:31:27 +01:00
Janne Heß
f7a175776e
ci: Check if all nix files are parseable 2024-01-10 10:16:04 +01:00
Silvan Mosberger
02b3c06b1c
Merge pull request #274591 from tweag/by-name-reproducible
`pkgs/by-name`: Enable gradual migration checks and add `run-local.sh`
2023-12-22 00:17:37 +01:00
Silvan Mosberger
f882df781c maintainers/scripts/check-by-name.sh: Introduce symlink alias 2023-12-22 00:04:16 +01:00
Silvan Mosberger
f27bb1216c
Merge pull request #273773 from nbraud/scripts/doc/check-manpage-urls
maintainers: Add new script to check URLs in `doc/manpage-urls.json`
2023-12-20 19:33:32 +01:00
Silvan Mosberger
1968beeabd check-by-name: Pass --base in CI and local running script
This enables the ratchet checks for pkgs/by-name, allowing gradual
migrations!
2023-12-20 17:38:06 +01:00
Silvan Mosberger
1ad45e503f workflows/check-by-name: Slim down and prepare for --base
Now that we have a script to run the check locally,
there's no real need to output the information to reproduce anymore,
which allows cleaning up the CI workflow.

Furthermore, this prepares the CI workflow to be passed `--base`, as
introduced recently.
2023-12-20 17:38:05 +01:00
Silvan Mosberger
c6267887db workflows/check-by-name: Why the mergeability check needs to be inline 2023-12-19 23:15:41 +01:00
Silvan Mosberger
3869ba4127 workflows/check-by-name: Move tool fetching into script
This part of the CI can also be reproduced locally
2023-12-19 23:15:01 +01:00
nicoo
ba387f0a5b workflows/manual-nixpkgs: Run the manual's tests 2023-12-18 20:28:51 +00:00
Silvan Mosberger
dbb599f2e4 workflows/check-by-name: Cancel on merge conflicts 2023-12-15 18:49:29 +01:00
zowoq
f63903a90f .github/workflows/update-terraform-providers.yml: use opentofu instead of terraform
terraform is unfree and can't be built on ofborg
2023-12-08 12:47:35 +10:00
dependabot[bot]
628c5366a3
build(deps): bump cachix/cachix-action from 12 to 13 (#272012)
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 12 to 13.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](6a9a34cdd9...6a2e08b5eb)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 01:55:04 +01:00
dependabot[bot]
e3e5f288bf
build(deps): bump cachix/install-nix-action from 23 to 24 (#272011)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 23 to 24.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](6a9a9e84a1...7ac1ec2549)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 01:52:38 +01:00
Martin Weinelt
13a5743c44 workflows/periodic-merge: allow manual dispatch
Currently there is an eval fix on master and waiting five hours for it
to propagate into staging-next and staging is annoyingly long.
2023-12-02 21:52:46 +01:00
Silvan Mosberger
ac01ff7146
Merge pull request #270496 from tweag/by-name-backoff
workflows/check-by-name: Limited and exponential retries
2023-12-01 04:47:17 +01:00
Victor Engmark
4177297b14 ci: pin third party actions
For reproducibility.

Command:

```shell
for file in .github/workflows/*.y*ml; do
    npx pin-github-action --comment=' {ref}' "$file"
done
```

Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
2023-11-29 09:51:22 +01:00
Silvan Mosberger
5e0644896d workflows/check-by-name: Set 10 minute timeout
Co-Authored-By: Cole Helbling <cole.e.helbling@outlook.com>
2023-11-27 23:57:08 +01:00
Silvan Mosberger
d38a7343fe workflows/check-by-name: Limited and exponential retries
We've had a recent PR CI mass failure event, ultimately caused by the
mergeability check GitHub API not returning a result.

But due to the `pkgs/by-name` check workflow not backing off
appropriately between retries, it pummeled the API, resulting in
exceeding the API rate limit:

https://github.com/NixOS/nixpkgs/actions/runs/7010089143/job/19069845070

This commit fixes that for the future by implementing a retry strategy limited to three
retries, with exponential backoff
2023-11-27 22:42:17 +01:00
Silvan Mosberger
ad228aee4b workflows/check-by-name: If channel no existent, fall back to nixos-unstable 2023-11-22 01:53:07 +01:00