nixpkgs/.github/workflows/check-nix-format.yml

# NOTE: Formatting with the RFC-style nixfmt command is not yet stable.
# See https://github.com/NixOS/rfcs/pull/166.

name: Check that Nix files are formatted

on:
  pull_request_target:
    types: [opened, synchronize, reopened, edited]

permissions: {}

jobs:
  get-merge-commit:
    uses: ./.github/workflows/get-merge-commit.yml

  nixos:
    name: nixfmt-check
    runs-on: ubuntu-24.04
    needs: get-merge-commit
    if: needs.get-merge-commit.outputs.mergedSha
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          ref: ${{ needs.get-merge-commit.outputs.mergedSha }}

      - uses: cachix/install-nix-action@02a151ada4993995686f9ed4f1be7cfbb229e56f # v31
        with:
          extra_nix_config: sandbox = true

      - name: Check that Nix files are formatted
        run: |
          # Note that it's fine to run this on untrusted code because:
          # - There's no secrets accessible here
          # - The build is sandboxed
          if ! nix-build ci -A fmt.check; then
            echo "Some Nix files are not properly formatted"
            echo "Please format them by going to the Nixpkgs root directory and running one of:"
            echo "  nix-shell --run treefmt"
            echo "  nix develop --command treefmt"
            echo "  nix fmt"
            echo "Make sure your branch is up to date with master; rebase if not."
            echo "If you're having trouble, please ping @NixOS/nix-formatting"
            exit 1
          fi