Commit Graph

322 Commits

Author SHA1 Message Date
Silvan Mosberger
8cf3cd91b2 check-by-name: Update contributor docs
Now that the tooling is pinned instead of being fetched indirectly from
the channel, the docs need some updating
2024-01-17 21:26:39 +01:00
Silvan Mosberger
50d57f6236 check-by-name: Fix CI
Wasn't detected in https://github.com/NixOS/nixpkgs/pull/281407
2024-01-17 21:26:12 +01:00
Silvan Mosberger
9da57b5bd3 check-by-name/run-local.sh: Make it usable for non-CI platforms
Since https://github.com/NixOS/nixpkgs/pull/281374, the
nixpkgs-check-by-name tooling is pinned to a specific /nix/store path to
avoid having to evaluate Nixpkgs in CI.

The same path is used for local runs, but that doesn't actually work
when you're trying to run it on a platform different from CI.

This commit makes it work by being clearer about platforms and making
local runs check out the correct Nixpkgs to evaluate the tool from.
2024-01-17 10:45:23 +01:00
Silvan Mosberger
aaa6573ed5
Merge pull request #281374 from tweag/by-name-check-pin
workflows/check-by-name: Pin nixpkgs-check-by-name tool
2024-01-16 21:48:03 +01:00
Silvan Mosberger
cc422e321e workflows/check-by-name: Pin nixpkgs-check-by-name tool
Before this, the tool for CI would update when nixos-unstable updated,
which is kind of terrible because you don't know when it happens, and it
might break master.

In fact, the tooling _right now_ has a serious bug and shouldn't be used!

This PR addresses this by _pinning_ the tooling in Nixpkgs itself.

Updating the tooling now requires two PRs:
- The first PR to update the tooling source
- (wait for Hydra to build and publish it in nixos-unstable)
- The second PR to update the pinned tooling

In turn you know exactly when the changes are going to take effect.

This change however has additional benefits:
- It makes CI more reproducible, because it doesn't depend on the state
  of nixos-unstable anymore
- Updates to the tooling can be tested with the workflow itself,
  because PRs that update the pinned tool will be tested on the updated
  version
- CI gets a sizable speed boost, because there's no need to download and
  evaluate a channel anymore
- It makes it more realistic to move the source of the tool into a
  separate repository
- It removes the brittle branch-specific logic that was previously
  needed to ensure that release branches use their own version of the
  tooling.
2024-01-16 19:58:19 +01:00
Janne Heß
2ccf45ee95
ci: Fix nix-parse workflow
The nix_path definition was missing :/
2024-01-16 19:07:37 +01:00
Janne Heß
d722b456e8
ci: Only check nix files when any nix file changed 2024-01-16 09:31:27 +01:00
Janne Heß
f7a175776e
ci: Check if all nix files are parseable 2024-01-10 10:16:04 +01:00
Silvan Mosberger
02b3c06b1c
Merge pull request #274591 from tweag/by-name-reproducible
`pkgs/by-name`: Enable gradual migration checks and add `run-local.sh`
2023-12-22 00:17:37 +01:00
Silvan Mosberger
f882df781c maintainers/scripts/check-by-name.sh: Introduce symlink alias 2023-12-22 00:04:16 +01:00
Silvan Mosberger
f27bb1216c
Merge pull request #273773 from nbraud/scripts/doc/check-manpage-urls
maintainers: Add new script to check URLs in `doc/manpage-urls.json`
2023-12-20 19:33:32 +01:00
Silvan Mosberger
1968beeabd check-by-name: Pass --base in CI and local running script
This enables the ratchet checks for pkgs/by-name, allowing gradual
migrations!
2023-12-20 17:38:06 +01:00
Silvan Mosberger
1ad45e503f workflows/check-by-name: Slim down and prepare for --base
Now that we have a script to run the check locally,
there's no real need to output the information to reproduce anymore,
which allows cleaning up the CI workflow.

Furthermore, this prepares the CI workflow to be passed `--base`, as
introduced recently.
2023-12-20 17:38:05 +01:00
Silvan Mosberger
c6267887db workflows/check-by-name: Why the mergeability check needs to be inline 2023-12-19 23:15:41 +01:00
Silvan Mosberger
3869ba4127 workflows/check-by-name: Move tool fetching into script
This part of the CI can also be reproduced locally
2023-12-19 23:15:01 +01:00
nicoo
ba387f0a5b workflows/manual-nixpkgs: Run the manual's tests 2023-12-18 20:28:51 +00:00
Silvan Mosberger
dbb599f2e4 workflows/check-by-name: Cancel on merge conflicts 2023-12-15 18:49:29 +01:00
zowoq
f63903a90f .github/workflows/update-terraform-providers.yml: use opentofu instead of terraform
terraform is unfree and can't be built on ofborg
2023-12-08 12:47:35 +10:00
dependabot[bot]
628c5366a3
build(deps): bump cachix/cachix-action from 12 to 13 (#272012)
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 12 to 13.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](6a9a34cdd9...6a2e08b5eb)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 01:55:04 +01:00
dependabot[bot]
e3e5f288bf
build(deps): bump cachix/install-nix-action from 23 to 24 (#272011)
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 23 to 24.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](6a9a9e84a1...7ac1ec2549)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 01:52:38 +01:00
Martin Weinelt
13a5743c44 workflows/periodic-merge: allow manual dispatch
Currently there is an eval fix on master and waiting five hours for it
to propagate into staging-next and staging is annoyingly long.
2023-12-02 21:52:46 +01:00
Silvan Mosberger
ac01ff7146
Merge pull request #270496 from tweag/by-name-backoff
workflows/check-by-name: Limited and exponential retries
2023-12-01 04:47:17 +01:00
Victor Engmark
4177297b14 ci: pin third party actions
For reproducibility.

Command:

```shell
for file in .github/workflows/*.y*ml; do
    npx pin-github-action --comment=' {ref}' "$file"
done
```

Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
2023-11-29 09:51:22 +01:00
Silvan Mosberger
5e0644896d workflows/check-by-name: Set 10 minute timeout
Co-Authored-By: Cole Helbling <cole.e.helbling@outlook.com>
2023-11-27 23:57:08 +01:00
Silvan Mosberger
d38a7343fe workflows/check-by-name: Limited and exponential retries
We've had a recent PR CI mass failure event, ultimately caused by the
mergeability check GitHub API not returning a result.

But due to the `pkgs/by-name` check workflow not backing off
appropriately between retries, it pummeled the API, resulting in
exceeding the API rate limit:

https://github.com/NixOS/nixpkgs/actions/runs/7010089143/job/19069845070

This commit fixes that for the future by implementing a retry strategy limited to three
retries, with exponential backoff
2023-11-27 22:42:17 +01:00
Silvan Mosberger
ad228aee4b workflows/check-by-name: If channel no existent, fall back to nixos-unstable 2023-11-22 01:53:07 +01:00
figsoda
87cc06983c
24.05 is Uakari 2023-11-21 14:34:30 -05:00
dependabot[bot]
afaf639666 build(deps): bump korthout/backport-action from 2.1.0 to 2.1.1
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v2.1.0...v2.1.1)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-13 13:49:56 +01:00
dependabot[bot]
3036ac33ed build(deps): bump korthout/backport-action from 2.0.0 to 2.1.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v2.0.0...v2.1.0)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-07 09:40:56 +01:00
dependabot[bot]
eea756868f
build(deps): bump korthout/backport-action from 1.3.1 to 2.0.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.3.1 to 2.0.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.3.1...v2.0.0)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-30 11:17:29 +00:00
Silvan Mosberger
785b8ca2e7 workflows/check-by-name: Improved mergeability check 2023-10-18 01:59:47 +02:00
Artturin
5fbbada2fb workflows/check-by-name: print failed command output 2023-10-17 22:04:48 +03:00
Silvan Mosberger
b3e14b9045
Merge pull request #259074 from tweag/detect-merge-conflicts
workflows/check-by-name: Better error for merge conflicts
2023-10-06 05:09:54 +02:00
Silvan Mosberger
004da0cf91 workflows/check-by-name: Better error for merge conflicts 2023-10-05 00:13:47 +02:00
Silvan Mosberger
dd543a79d5 workflows/check-by-name: Add a missing colon 2023-10-04 23:42:10 +02:00
Silvan Mosberger
0dcdf60c38 workflows/check-by-name: Better error when base branch also fails
Previously, even if the check also failed on the base branch, it looked
like the PR introduced the failure.

We can easily have a better error message for such cases.

Meanwhile this also paves the road for something like
https://github.com/NixOS/nixpkgs/issues/256788
2023-10-02 22:01:43 +02:00
Silvan Mosberger
437d00dde3 workflows/check-by-name: Make runnable without approval
Co-Authored-By: zowoq <59103226+zowoq@users.noreply.github.com>
2023-09-11 14:27:42 +02:00
dependabot[bot]
9a70b1e242 build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 13:55:35 +02:00
Martin Weinelt
240cbdc845
Merge pull request #253249 from NixOS/dependabot/github_actions/cachix/install-nix-action-23
build(deps): bump cachix/install-nix-action from 22 to 23
2023-09-11 09:06:52 +02:00
Silvan Mosberger
6d95b1aebb workflows/backport: Fix link and reword 2023-09-06 20:12:48 +02:00
dependabot[bot]
1d179cbc67
build(deps): bump cachix/install-nix-action from 22 to 23
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 22 to 23.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v22...v23)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-05 14:26:48 +00:00
Silvan Mosberger
ad61076624
Merge pull request #237439 from tweag/spp-1
[RFC 140] Simple package paths, part 1b: Enabling the directory structure
2023-09-05 16:25:27 +02:00
Silvan Mosberger
f6467c3574 pkgs/by-name: Introduce
This introduces the `pkgs/by-name` directory as proposed by RFC 140.
Included are:
- The implementation to add packages defined in that directory to the
  top-level package scope
- Contributer documentation on how to add packages to it
- A GitHub Actions workflow to check the structure of it on all PRs
2023-09-05 16:10:50 +02:00
zowoq
76ae447f06 .github/workflows/update-terraform-providers.yml: re-enable workflow_dispatch 2023-09-01 12:35:23 +10:00
zowoq
926db2b144 .github/workflows/update-terraform-providers.yml: disable 2023-09-01 11:16:27 +10:00
Silvan Mosberger
5ab9271508 Remove direct push detection GitHub action
We are trying out not allowing direct pushes anymore, so this is not necessary anymore, unless we later revert it again (unlikely): https://github.com/NixOS/nixpkgs/issues/249117
2023-08-14 15:57:29 +02:00
Martin Weinelt
19a1276370
workflows/periodic-merge: drop 22.11 jobs 2023-07-04 14:17:03 +02:00
dependabot[bot]
a8972d1910
build(deps): bump cachix/install-nix-action from 21 to 22
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 21 to 22.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v21...v22)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-19 12:08:45 +00:00
pennae
c8b4e5d557
Merge pull request #237557 from pennae/dedocbookify-nixos
nixos/doc: dedocbookify
2023-06-19 14:05:03 +02:00
pennae
0997ae1903 nixos/manual: disallow docbook option docs
it's been long in the making, and with 23.05 out we can finally disable
docbook option docs and default to markdown instead. this brings a
massive speed boost in manual and manpage builds, so much so that we may
consider enabling user module documentation by default.

we don't remove the docbook support code entirely yet because it's a lot
all over, and probably better removed in multiple separate changes.
2023-06-13 16:56:30 +02:00
dependabot[bot]
be335749cf
build(deps): bump korthout/backport-action from 1.2.0 to 1.3.1
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.2.0 to 1.3.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.2.0...v1.3.1)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-12 12:00:30 +00:00
dependabot[bot]
9db2a09001 build(deps): bump cachix/install-nix-action from 20 to 21
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 20 to 21.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v20...v21)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-30 16:23:52 +10:00
Raito Bezarius
2c28f1de7c 23.11 is Tapir 2023-05-22 21:16:04 +02:00
dependabot[bot]
5e73ac2b7d build(deps): bump peter-evans/create-or-update-comment from 2 to 3
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 2 to 3.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v2...v3)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 07:54:37 +10:00
dependabot[bot]
7a9db6efd7 build(deps): bump peter-evans/create-pull-request from 4 to 5
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 4 to 5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v4...v5)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 07:54:22 +10:00
zowoq
ab69305066 .github/workflows/update-terraform-providers.yml: various
- removed outdated permissions comment

- add failed updates step

- add failed updates and ofborg rebuild to PR body
2023-03-25 12:41:02 +10:00
dependabot[bot]
32abfcc923 build(deps): bump cachix/install-nix-action from 19 to 20
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 19 to 20.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v19...v20)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-20 22:30:02 +10:00
pennae
2daba98981 workflows: check maintainers sortedness on pull_request_target
`pull_request` workflows need approval to run, `pull_request_target`
does not. this one isn't particularly vulnerable and doesn't take long
to run, so we may as well run it without approval.
2023-03-19 22:45:33 +01:00
pennae
4a694fc500 maintainers: add script and workflows to check sortedness
the script can output a list of sed commands to create the order it
expects to find. this was mainly useful for initially sorting the list,
but we'll keep it here for later reference.

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
2023-03-15 11:07:54 +01:00
Martin Weinelt
b5f0fdc371
workflows/backport: Copy security label in backport PRs
Since v1.2.0 the backport action supports copying labels from the source
to the backport PR. This is useful for copying the security label from
the original PR to the backport PR, so relevant security updates don't
get lost.
2023-03-06 09:14:20 +00:00
Naïm Favier
568c84c7db
.github: build nixpkgs manual on lib changes
The nixpkgs manual includes documentation for `lib` functions.
2023-03-04 13:23:38 +01:00
zowoq
9df748f599 Revert "workflows: pin install-nix-action to use nix 2.13.3"
This reverts commit 3563c178ca.

fixed in cachix/install-nix-action@v20
2023-03-01 16:17:36 +10:00
zowoq
6a174c65c2 .github/workflows: update cachix/install-nix-action to v20 2023-03-01 16:16:57 +10:00
pennae
3563c178ca workflows: pin install-nix-action to use nix 2.13.3
same reasoning as #218858, only now for an action we depend on and can't
fix quite as easily. cachix-action also uses nix-env and will thus not
work correctly, so pin the nix version used to the last known good one.
2023-03-01 07:08:14 +10:00
Weijia Wang
31ce09b377
Merge pull request #218858 from cole-h/fixup-editorconfig-action
Fixup editorconfig action with Nix 2.14.0
2023-02-28 22:23:59 +02:00
Cole Helbling
19a122e092 ci: editorconfig: use nix-shell instead of nix-env 2023-02-28 11:36:32 -08:00
dependabot[bot]
43760d9cc4 build(deps): bump korthout/backport-action from 1.1.0 to 1.2.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-28 18:08:44 +10:00
dependabot[bot]
f1787f39a5 build(deps): bump cachix/install-nix-action from 18 to 19
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 18 to 19.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v18...v19)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-14 08:10:43 +10:00
pennae
d041641b1a nixos/manual: remove md-to-db
with manual chapters no longer needing pandoc for their conversion to
xml we can get rid of this source of confusion, and its huge cache of
xml files.
2023-02-10 06:40:15 +01:00
dependabot[bot]
08fdf29658 build(deps): bump korthout/backport-action from 1.0.1 to 1.1.0
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.0.1...v1.1.0)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-24 06:38:25 +10:00
zowoq
3a1f02b46b .github/workflows/labels.yml: fix typo
mistake in d1570428a2
2023-01-21 11:30:55 +10:00
zowoq
d1570428a2 .github/workflows/labels.yml: allow PRs to skip labels 2023-01-21 09:33:59 +10:00
zowoq
552af48e79 .github/workflows/editorconfig.yml: change to skip treewide 2023-01-21 09:33:59 +10:00
dependabot[bot]
656548c44a build(deps): bump korthout/backport-action from 1.0.0 to 1.0.1
Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/korthout/backport-action/releases)
- [Commits](https://github.com/korthout/backport-action/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: korthout/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-10 06:45:05 +10:00
dependabot[bot]
8877cc2874 build(deps): bump zeebe-io/backport-action from 0.0.9 to 1.0.0
Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.9 to 1.0.0.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.9...v1.0.0)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-03 07:31:48 +10:00
zowoq
9fde2b66f8 terraform-providers: add github token to update-providers 2023-01-02 13:48:28 +10:00
Martin Weinelt
4e6337bdce
workflows/periodic-merge: Remove 22.05 jobs 2023-01-01 14:55:34 +01:00
Martin Weinelt
4b36b3cd43 workflows/backport-action 0.0.8 -> 0.0.9
https://github.com/zeebe-io/backport-action/releases/tag/v0.0.9
2022-11-23 12:20:28 +01:00
Martin Weinelt
18c8904c11
workflows: add 24 hour periodic merges for 22.11 2022-11-21 00:08:44 +01:00
dependabot[bot]
a02320d951 build(deps): bump cachix/cachix-action from 11 to 12
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 11 to 12.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](https://github.com/cachix/cachix-action/compare/v11...v12)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-28 17:36:59 +10:00
zowoq
298378f8c3 .github/workflows: replace deprecated set-output
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
2022-10-16 07:41:12 +10:00
Naïm Favier
9b480c2739 .github/workflows: use ofborg-eval context for pending status
Instead of adding a pending status with context `Wait for ofborg`, make
the context `ofborg-eval` and the description "Wait for OfBorg...". That
way, the status will be reused by OfBorg when it starts evaluation and
we don't need to clear it any more.
2022-10-15 09:09:24 +10:00
zowoq
c9ac816a70 .github/workflows/update-terraform-providers.yml: add link to run log
also move git clean to separate step
2022-10-14 15:51:46 +10:00
dependabot[bot]
d2e6195f5b build(deps): bump cachix/install-nix-action from 17 to 18
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 17 to 18.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v17...v18)
2022-10-13 09:15:41 +10:00
dependabot[bot]
ff3f76ad39 build(deps): bump cachix/cachix-action from 10 to 11
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 10 to 11.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](https://github.com/cachix/cachix-action/compare/v10...v11)
2022-10-13 09:13:55 +10:00
zowoq
41173fb24d .github/workflows/update-terraform-providers.yml: set max-workers to 2
also add git clean so logs aren't committed
2022-10-08 06:00:07 +10:00
zowoq
98390bef9e .github/workflows/update-terraform-providers.yml: bypass interactive prompt 2022-10-07 19:38:55 +10:00
zowoq
a8d8d9fee5 .github/workflows/update-terraform-providers.yml: re-enable
- run daily with updateScript, will create a commit for each provider update
- drop wip label and failure comment
2022-10-04 13:01:16 +10:00
Domen Kožar
55b3eabbb4
Merge pull request #192981 from winterqt/update-backport-action
backport-action: 0.0.5 -> 0.0.8
2022-09-26 14:13:00 +02:00
Winter
6f3ce7a620 backport-action: 0.0.5 -> 0.0.8 2022-09-25 22:11:54 -04:00
zowoq
d3270d6b32 .github/workflows/update-terraform-providers.yml: add nixpkgs-unstable for nix-shell
nix_path was removed from the update scripts in 3e63fa279f
2022-09-21 14:43:03 +10:00
zowoq
5fabd2ba5a .github/workflows/update-terraform-providers.yml: disable scheduled update
try nixpkgs-update with passthru.updateScript
2022-09-15 06:00:33 +10:00
zowoq
bbe49339b8 .github/workflows: fix permissions
the merge actions comment on pull requests, seems this was broken by 2c71278a23

also:
- fix permissions on new manual rendering action
- drop unnecessary issues permission from the terraform action
2022-09-12 15:34:35 +10:00
pennae
fc6f0ea188 workflows: fix manual-rendering.yml
the check command didn't set NIX_PATH, so compare-manuals.sh (which is a nix-shell script) failed.
2022-09-11 13:14:44 +10:00
pennae
c45deeb2aa workflows: add check for docbook/md manual equality
we want to make sure that rendering the manual from markdown without
going through docbook produces (semantically) the same output as with
going through docbook. to ensure this we'll build the manual twice, run
each manual through html-tidy to generate a normalized form and diff
the normalized forms. we don't want to compare raw output because that
exposes us to a lot of whitespace we'd have to reproduce exactly in the
MD render.

this check may be relaxed even further in the future, but hopefully not
by much.
2022-09-10 18:23:13 +02:00
pennae
ec75c8efff workflows: check that nixos manual does not use docbook option docs
the nixos manual should not use docbook for module option documentation,
only markdown, to make future transition to a markdown-only world easier
and less painful. this check will ensure that all options
documentation (even plain text that would not be interpreted specially
by neither markdown nor docbook) is declared as being markdown.
2022-09-10 18:23:13 +02:00
zowoq
25b464c8b3
terraform-full: remove (#184649)
* terraform-full: remove

* .github/workflows/update-terraform-providers.yml: switch to terraform.full
2022-08-02 19:45:05 +02:00
Winter
3707cc5a0d
Revert "backport-action: 0.0.5 -> 0.0.8" 2022-07-24 23:30:11 -04:00
Winter
fee30801b2 backport-action: 0.0.5 -> 0.0.8 2022-07-24 13:20:39 -04:00
github-actions[bot]
33be3debd5 terraform-providers: update 2022-07-10 2022-07-10 16:20:44 +10:00
Varun Sharma
2c71278a23 ci: Add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-07-08 10:53:38 -07:00
Robert Hensing
3a27c40463 workflows/nixos-manual: Add command to run to error message 2022-07-06 07:32:17 +02:00
Janne Heß
8befefd1a7
workflows: Remove 21.11 merges
Channel is EOL
2022-07-04 20:04:17 +02:00
nathannaveen
5deff9583c chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-04 01:09:50 +00:00
Janne Heß
e728029b30
workflows: Replace 21.05 with 22.05 2022-05-23 19:57:42 +02:00
dependabot[bot]
646ed065e5 build(deps): bump peter-evans/create-pull-request from 3 to 4
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)
2022-04-29 17:58:49 +10:00
zowoq
c19e9b776d .github/workflows/update-terraform-providers.yml: minor fixes
- simplify comment
- move `ofborg` command into block for clickable copying
2022-04-28 08:13:24 +10:00
dependabot[bot]
23e9e781e2 build(deps): bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 17:59:26 +10:00
Artturin
36c36411b8 .github/workflows/basic-eval.yml: only run if manually triggered
ofborg should have obsoleted this with https://github.com/NixOS/ofborg/pull/588#issuecomment-1078451552
https://github.com/NixOS/nixpkgs/pull/166599#issuecomment-1085069938

this is still useful to have around for act usage
2022-04-01 09:48:20 +03:00
Sandro
319145c9dc
Merge pull request #165397 from Mic92/create-or-update-comment 2022-03-27 12:12:23 +02:00
dependabot[bot]
1f161a57c2 build(deps): bump peter-evans/commit-comment from 1 to 2
Bumps [peter-evans/commit-comment](https://github.com/peter-evans/commit-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/commit-comment/releases)
- [Commits](https://github.com/peter-evans/commit-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/commit-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:24:13 +01:00
dependabot[bot]
180dada3ed build(deps): bump peter-evans/create-or-update-comment from 1 to 2
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:23:37 +01:00
Jörg Thalheim
92a720cbac ci: add warning to actions with writeable GITHUB_TOKEN
Co-authored-by: ckie <25263210+ckiee@users.noreply.github.com>
2022-03-21 08:54:42 +01:00
zowoq
1d41af9bc9 .github/workflows/basic-eval.yml: add cachix cache
Avoids rebuilding nix in every PR if it hasn't been build on hydra yet.
2022-03-14 08:12:25 +10:00
zowoq
65268fe99a .github/workflows: update cachix cache comment 2022-03-14 08:12:24 +10:00
Jörg Thalheim
a385dd1ae3
Merge pull request #162450 from Mic92/actions-labeler
build(deps): bump actions/labeler from 3 to 4
2022-03-02 04:57:15 +00:00
dependabot[bot]
3f2c2d0afa
build(deps): bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
2022-03-02 05:13:13 +01:00
dependabot[bot]
e07220a5ad
build(deps): bump actions/labeler from 3 to 4
Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v3...v4)
2022-03-02 05:08:31 +01:00
zowoq
215002fb9f terraform-providers: update scripts
- add flag to skip building updated providers
- have the github action skip building providers so we don't need to handle build failures in the script
- remove outdated `vendor` flag, all providers use `buildGoModule`
2022-02-07 12:02:36 +10:00
zowoq
fc7fb0d528 .github/workflows/update-terraform-providers.yml: minor fixes
- change ofborg command into a comment
- use WIP label instead of draft so codeowner notification works
2022-01-04 18:18:48 +10:00
zowoq
bcd238a027 .github/workflows/update-terraform-providers.yml: init
weekly update of terraform providers which can also be run manually
2022-01-04 11:00:15 +10:00
zowoq
1b8f795c94 .github/workflows/editorconfig.yml: 2.3.5 -> 2.4.0 2021-12-16 21:43:53 +10:00
zowoq
c3338bcdc4 .github/workflows/editorconfig.yml: allow PRs to skip check
Intended for treewide reformatting PRs so we don't hit the API ratelimit.
2021-12-03 12:54:08 +10:00
zowoq
0d02ab2028 .github/workflows/editorconfig.yml: write changed files to disk
This avoids errors when exporting long lists to $GITHUB_ENV.

Co-authored-by: Moritz Hedtke <Moritz.Hedtke@t-online.de>
2021-12-02 09:11:21 +10:00
zowoq
34fa1ffbe4 Revert ".github/workflows/editorconfig.yml: Don't use GitHub API for PR diff."
This reverts commit 4db84ed126.

Causing CI errors.
2021-11-30 10:42:57 +10:00
Moritz Hedtke
4db84ed126 .github/workflows/editorconfig.yml: Don't use GitHub API for PR diff.
This caused ratelimits for large PRs (reformatting PRs)
2021-11-30 09:41:52 +10:00
Martin Weinelt
3eb5d85beb .github/workflows/periodic-merge: configure 21.11 release 2021-11-28 17:00:50 -08:00
dependabot[bot]
4985724c82 build(deps): bump cachix/install-nix-action from 15 to 16
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 15 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v15...v16)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-23 13:50:59 +01:00
dependabot[bot]
a3d17b38a1 build(deps): bump cachix/install-nix-action from 14 to 15
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 14 to 15.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v14...v15)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-13 06:16:14 +01:00
Domen Kožar
6954a396d1 Revert "build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)"
This reverts commit 50341b0cd8.

It breaks the backport action.
2021-10-31 11:42:05 -06:00
Domen Kožar
a8ac0dd944 Revert "backport-action: 0.0.6 -> 0.0.7"
This reverts commit 7e3ba3e88b.

It breaks the backport.
2021-10-31 11:42:04 -06:00
Domen Kožar
7e3ba3e88b backport-action: 0.0.6 -> 0.0.7 2021-10-29 13:30:51 -05:00
Jörg Thalheim
50341b0cd8
build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)
* build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.5 to 0.0.6.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.5...v0.0.6)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update .github/workflows/backport.yml

* Update .github/workflows/backport.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Domen Kožar <domen@enlambda.com>
2021-10-28 20:22:14 +01:00
Martin Weinelt
8b77d991b6 .github/workflows/periodic-merge: move stable merges to 24h cycle 2021-10-05 20:53:53 +02:00
dependabot[bot]
307690708a build(deps): bump cachix/install-nix-action from 13 to 14
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 13 to 14.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v13...v14)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-09 08:05:27 +02:00
dependabot[bot]
05a5144fa9 build(deps): bump devmasx/merge-branch from 1.3.1 to 1.4.0
Bumps [devmasx/merge-branch](https://github.com/devmasx/merge-branch) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/devmasx/merge-branch/releases)
- [Changelog](https://github.com/devmasx/merge-branch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/devmasx/merge-branch/compare/v1.3.1...1.4.0)

---
updated-dependencies:
- dependency-name: devmasx/merge-branch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 07:08:00 +10:00
Jörg Thalheim
2f9cf506dd
build(deps): bump zeebe-io/backport-action (#131466)
* build(deps): bump zeebe-io/backport-action

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 2b994724142df0774855690db56bc6308fb99ffa to 0.0.5. This release includes the previously tagged commit.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](2b99472414...e5d4d7c39c)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>
2021-07-25 19:22:26 +01:00
dependabot[bot]
8ebf75b3c7 build(deps): bump cachix/cachix-action from 9 to 10
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 9 to 10.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](https://github.com/cachix/cachix-action/compare/v9...v10)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-25 13:48:04 +02:00
Jonas Chevalier
b8297c00c9
ci: add no-channel check (#109543)
* ci: add no-channel check

* Update .github/workflows/no-channel.yml

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2021-07-21 08:22:37 +02:00
Domen Kožar
7904fffeef
GHA: add basic eval checks 2021-07-07 14:26:59 +02:00
Dennis Gosnell
4b16b8c76b
workflows: fix documentation for periodic 24 hours merge 2021-07-01 20:16:36 +09:00
Malte Brandy
4acf281f00
.github/workflows/periodic-merge-*: Tiny improvements 2021-07-01 00:44:37 +02:00
Martin Weinelt
3f40ca48bc
.github/workflows/periodic-merge: generalize from merge-staging
By generalizing the previous merge-staging action we can support a large
number of branch pairs that need to be merged periodically.

Provide two intervals, daily and every six hours, to accomodate
different needs.

Co-Authored-By: Malte Brandy <malte.brandy@maralorn.de>
2021-06-30 22:42:16 +02:00
Niklas Hambüchen
3c29ced243 CONTRIBUTING.md: Move to repo root, where it is more visible.
We found that many users found it difficult to locate this document.

Github supports it in the root, see:
https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/setting-guidelines-for-repository-contributors
2021-06-26 04:51:38 +02:00
Niklas Hambüchen
f93aa9b94b backporting action: Link to backporting criteria.
Automation tools should instruct their users clearly what tasks are still on the user.

Updates the bot's version to get the `pull_description` feature:
https://github.com/zeebe-io/backport-action/pull/64
2021-06-26 04:51:11 +02:00
Domen Kožar
49bbb40680
Merge pull request #126826 from domenkozar/direct-push-eventually-consistent
direct-push action: delay to workaround eventually consistent DB
2021-06-19 15:52:13 +02:00
Domen Kožar
e3858348c4
Merge pull request #126825 from domenkozar/backport-label-check
backport action: run only when the label starts with 'backport'
2021-06-19 15:51:37 +02:00
Domen Kožar
b390b929bd
direct-push action: delay to workaround eventually consistent DB 2021-06-14 13:47:22 +02:00
Domen Kožar
527686e761
backport action: run only when the label starts with 'backport' 2021-06-14 13:41:10 +02:00
zowoq
1ea409a4f0 .github/workflows/rebase.yml: remove
It only works sometimes and we're unable to fix it.
2021-06-09 23:44:26 +10:00