chn/nixpkgs
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixpkgs.git synced 2026-01-12 02:40:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
4aa51a994c09f697b100cbc8286bf1dbd68fa63e
nixpkgs/.github/workflows/lint.yml
Wolfgang Walther 4aa51a994c workflows/{labels,reviewers}: fix concurrency groups for nested workflows 
This didn't work as intended. When a workflow is run with
`workflow_call`, it will have `github.workflow` set to the *parent*
workflow. So the `caller` input that we passed, resulted in this
concurrency key:

```
Eval-Eval-...
```

But that's bad, because the labels and reviewers workflows will cancel
each other!

What we actually want is this:
- Label and Reviewers workflow should have different groups.
- Reviewers called via Eval and called directly via undraft should have
*different* groups.

We can't use the default condition we use everywhere else, because
`github.workflow` is the same for Label and Reviewers. Thus, we hardcode
the workflow's name as well. This essentially means we have this as a
key:

```
<name-of-running-workflow>-<name-of-triggering-workflow>-<name-of-event>-<name-of-head-branch>
```

This should do what we want.

Since workflows can be made reusable workflows later on, we add those
hardcoded names to *all* concurrency groups. This avoids copy&paste
errors later on.

(cherry picked from commit 6793e238fa)
2025-06-14 14:27:37 +02:00

102 lines
3.5 KiB
YAML
Raw Blame History

name: Lint
on:
pull_request:
paths:
- .github/workflows/lint.yml
pull_request_target:
concurrency:
group: lint-${{ github.workflow }}-${{ github.event_name }}-${{ github.event.pull_request.number || github.run_id }}
cancel-in-progress: true
permissions: {}
defaults:
run:
shell: bash
jobs:
treefmt:
runs-on: ubuntu-24.04-arm
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
sparse-checkout: .github/actions
- name: Check if the PR can be merged and checkout the merge commit
uses: ./.github/actions/get-merge-commit
with:
merged-as-untrusted: true
- uses: cachix/install-nix-action@17fe5fb4a23ad6cbbe47d6b3f359611ad276644c # v31
with:
extra_nix_config: sandbox = true
- name: Check that files are formatted
run: |
# Note that it's fine to run this on untrusted code because:
# - There's no secrets accessible here
# - The build is sandboxed
if ! nix-build untrusted/ci -A fmt.check; then
echo "Some files are not properly formatted"
echo "Please format them by going to the Nixpkgs root directory and running one of:"
echo " nix-shell --run treefmt"
echo " nix develop --command treefmt"
echo " nix fmt"
echo "Make sure your branch is up to date with master; rebase if not."
echo "If you're having trouble, please ping @NixOS/nix-formatting"
exit 1
fi
parse:
runs-on: ubuntu-24.04-arm
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
sparse-checkout: .github/actions
- name: Check if the PR can be merged and checkout the merge commit
uses: ./.github/actions/get-merge-commit
with:
merged-as-untrusted: true
- uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31
with:
extra_nix_config: sandbox = true
- name: Parse all nix files
run: |
# Tests multiple versions at once, let's make sure all of them run, so keep-going.
nix-build untrusted/ci -A parse --keep-going
nixpkgs-vet:
runs-on: ubuntu-24.04-arm
# This should take 1 minute at most, but let's be generous. The default of 6 hours is definitely too long.
timeout-minutes: 10
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
sparse-checkout: .github/actions
- name: Check if the PR can be merged and checkout merged and target commits
uses: ./.github/actions/get-merge-commit
with:
merged-as-untrusted: true
target-as-trusted: true
- uses: cachix/install-nix-action@526118121621777ccd86f79b04685a9319637641 # v31
with:
extra_nix_config: sandbox = true
- name: Running nixpkgs-vet
env:
# Force terminal colors to be enabled. The library that `nixpkgs-vet` uses respects https://bixense.com/clicolors/
CLICOLOR_FORCE: 1
run: |
if nix-build untrusted/ci -A nixpkgs-vet --arg base "./trusted" --arg head "./untrusted"; then
exit 0
else
exitCode=$?
echo "To run locally: ./ci/nixpkgs-vet.sh $GITHUB_BASE_REF https://github.com/$GITHUB_REPOSITORY.git"
echo "If you're having trouble, ping @NixOS/nixpkgs-vet"
exit "$exitCode"
fi
Reference in New Issue View Git Blame Copy Permalink