mirror of
https://github.com/CHN-beta/nixpkgs.git
synced 2026-01-12 02:40:31 +08:00
593aee095f
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](11bd71901b...08c6903cd8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 5.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
107 lines
3.5 KiB
YAML
107 lines
3.5 KiB
YAML
name: Lint
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
mergedSha:
|
|
required: true
|
|
type: string
|
|
targetSha:
|
|
required: true
|
|
type: string
|
|
|
|
permissions: {}
|
|
|
|
defaults:
|
|
run:
|
|
shell: bash
|
|
|
|
jobs:
|
|
treefmt:
|
|
runs-on: ubuntu-24.04-arm
|
|
timeout-minutes: 10
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
sparse-checkout: .github/actions
|
|
- name: Check if the PR can be merged and checkout the merge commit
|
|
uses: ./.github/actions/get-merge-commit
|
|
with:
|
|
mergedSha: ${{ inputs.mergedSha }}
|
|
merged-as-untrusted: true
|
|
|
|
- uses: cachix/install-nix-action@f0fe604f8a612776892427721526b4c7cfb23aba # v31
|
|
with:
|
|
extra_nix_config: sandbox = true
|
|
|
|
- name: Check that files are formatted
|
|
run: |
|
|
# Note that it's fine to run this on untrusted code because:
|
|
# - There's no secrets accessible here
|
|
# - The build is sandboxed
|
|
if ! nix-build untrusted/ci -A fmt.check; then
|
|
echo "Some files are not properly formatted"
|
|
echo "Please format them by going to the Nixpkgs root directory and running one of:"
|
|
echo " nix-shell --run treefmt"
|
|
echo " nix develop --command treefmt"
|
|
echo " nix fmt"
|
|
echo "Make sure your branch is up to date with master; rebase if not."
|
|
echo "If you're having trouble, please ping @NixOS/nix-formatting"
|
|
exit 1
|
|
fi
|
|
|
|
parse:
|
|
runs-on: ubuntu-24.04-arm
|
|
timeout-minutes: 10
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
sparse-checkout: .github/actions
|
|
- name: Check if the PR can be merged and checkout the merge commit
|
|
uses: ./.github/actions/get-merge-commit
|
|
with:
|
|
mergedSha: ${{ inputs.mergedSha }}
|
|
merged-as-untrusted: true
|
|
|
|
- uses: cachix/install-nix-action@f0fe604f8a612776892427721526b4c7cfb23aba # v31
|
|
with:
|
|
extra_nix_config: sandbox = true
|
|
|
|
- name: Parse all nix files
|
|
run: |
|
|
# Tests multiple versions at once, let's make sure all of them run, so keep-going.
|
|
nix-build untrusted/ci -A parse --keep-going
|
|
|
|
nixpkgs-vet:
|
|
runs-on: ubuntu-24.04-arm
|
|
timeout-minutes: 10
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
with:
|
|
sparse-checkout: .github/actions
|
|
- name: Check if the PR can be merged and checkout merged and target commits
|
|
uses: ./.github/actions/get-merge-commit
|
|
with:
|
|
mergedSha: ${{ inputs.mergedSha }}
|
|
merged-as-untrusted: true
|
|
targetSha: ${{ inputs.targetSha }}
|
|
target-as-trusted: true
|
|
|
|
- uses: cachix/install-nix-action@f0fe604f8a612776892427721526b4c7cfb23aba # v31
|
|
with:
|
|
extra_nix_config: sandbox = true
|
|
|
|
- name: Running nixpkgs-vet
|
|
env:
|
|
# Force terminal colors to be enabled. The library that `nixpkgs-vet` uses respects https://bixense.com/clicolors/
|
|
CLICOLOR_FORCE: 1
|
|
run: |
|
|
if nix-build untrusted/ci -A nixpkgs-vet --arg base "./trusted" --arg head "./untrusted"; then
|
|
exit 0
|
|
else
|
|
exitCode=$?
|
|
echo "To run locally: ./ci/nixpkgs-vet.sh $GITHUB_BASE_REF https://github.com/$GITHUB_REPOSITORY.git"
|
|
echo "If you're having trouble, ping @NixOS/nixpkgs-vet"
|
|
exit "$exitCode"
|
|
fi
|