tjh.dev / nixpkgs
nixpkgs mirror (for testing) github.com/NixOS/nixpkgs
nix
fork atom

workflows: self-test on change

All workflows where it's remotely useful now trigger on a pull_request
event when the workflow file itself is changed. This gives us basic
sanity testing of changes to workflow files itself and reduces the need
for manual tests in forks.

Wolfgang Walther 65315e54 c549cc92

+47 -1
+3
.github/workflows/check-cherry-picks.yml
··· 1 1 name: "Check cherry-picks" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/check-cherry-picks.yml 4 7 pull_request_target: 5 8 branches: 6 9 - 'release-**'
+3
.github/workflows/check-format.yml
··· 1 1 name: Check that files are formatted 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/check-format.yml 4 7 pull_request_target: 5 8 types: [opened, synchronize, reopened, edited] 6 9
+3
.github/workflows/check-shell.yml
··· 1 1 name: "Check shell" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/check-shell.yml 4 7 pull_request_target: 5 8 paths: 6 9 - 'shell.nix'
+7
.github/workflows/codeowners-v2.yml
··· 23 23 name: Codeowners v2 24 24 25 25 on: 26 + pull_request: 27 + paths: 28 + - .github/workflows/codeowners-v2.yml 26 29 pull_request_target: 27 30 types: [opened, ready_for_review, synchronize, reopened, edited] 28 31 ··· 67 64 run: nix-build base/ci -A codeownersValidator 68 65 69 66 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 67 + if: vars.OWNER_RO_APP_ID 70 68 id: app-token 71 69 with: 72 70 app-id: ${{ vars.OWNER_RO_APP_ID }} ··· 81 77 path: pr 82 78 83 79 - name: Validate codeowners 80 + if: steps.app-token.outputs.token 84 81 run: result/bin/codeowners-validator 85 82 env: 86 83 OWNERS_FILE: pr/${{ env.OWNERS_FILE }} ··· 104 99 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 105 100 106 101 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 102 + if: vars.OWNER_APP_ID 107 103 id: app-token 108 104 with: 109 105 app-id: ${{ vars.OWNER_APP_ID }} ··· 117 111 run: nix-build ci -A requestReviews 118 112 119 113 - name: Request reviews 114 + if: steps.app-token.outputs.token 120 115 run: result/bin/request-code-owner-reviews.sh ${{ github.repository }} ${{ github.event.number }} "$OWNERS_FILE" 121 116 env: 122 117 GH_TOKEN: ${{ steps.app-token.outputs.token }}
+3
.github/workflows/eval-aliases.yml
··· 1 1 name: Eval aliases 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/eval-aliases.yml 4 7 pull_request_target: 5 8 6 9 permissions: {}
+6
.github/workflows/eval.yml
··· 1 1 name: Eval 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/eval.yml 4 7 pull_request_target: 5 8 types: [opened, ready_for_review, synchronize, reopened] 6 9 push: ··· 178 175 # See ./codeowners-v2.yml, reuse the same App because we need the same permissions 179 176 # Can't use the token received from permissions above, because it can't get enough permissions 180 177 - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 178 + if: vars.OWNER_APP_ID 181 179 id: app-token 182 180 with: 183 181 app-id: ${{ vars.OWNER_APP_ID }} ··· 209 205 run: nix-build base/ci -A requestReviews 210 206 211 207 - name: Labelling pull request 208 + if: ${{ github.event_name == 'pull_request_target' }} 212 209 run: | 213 210 # Get all currently set rebuild labels 214 211 gh api \ ··· 264 259 NUMBER: ${{ github.event.number }} 265 260 266 261 - name: Requesting maintainer reviews 262 + if: steps.app-token.outputs.token 267 263 run: | 268 264 # maintainers.json contains GitHub IDs. Look up handles to request reviews from. 269 265 # There appears to be no API to request reviews based on GitHub IDs
+4 -1
.github/workflows/get-merge-commit.yml
··· 1 1 name: Get merge commit 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/get-merge-commit.yml 4 7 workflow_call: 5 8 outputs: 6 9 mergedSha: ··· 41 38 push) 42 39 echo "mergedSha=${{ github.sha }}" >> "$GITHUB_OUTPUT" 43 40 ;; 44 - pull_request_target) 41 + pull_request*) 45 42 if commits=$(base/ci/get-merge-commit.sh ${{ github.repository }} ${{ github.event.number }}); then 46 43 echo -e "Checking the commits:\n$commits" 47 44 echo "$commits" >> "$GITHUB_OUTPUT"
+3
.github/workflows/lib-tests.yml
··· 1 1 name: "Building Nixpkgs lib-tests" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/lib-tests.yml 4 7 pull_request_target: 5 8 paths: 6 9 - 'lib/**'
+3
.github/workflows/manual-nixos-v2.yml
··· 1 1 name: "Build NixOS manual v2" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/manual-nixos-v2.yml 4 7 pull_request_target: 5 8 branches: 6 9 - master
+3
.github/workflows/manual-nixpkgs-v2.yml
··· 1 1 name: "Build Nixpkgs manual v2" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/manual-nixpkgs-v2.yml 4 7 pull_request_target: 5 8 branches: 6 9 - master
+3
.github/workflows/nix-parse-v2.yml
··· 1 1 name: "Check whether nix files are parseable v2" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/nix-parse-v2.yml 4 7 pull_request_target: 5 8 6 9 permissions: {}
+3
.github/workflows/nixpkgs-vet.yml
··· 6 6 name: Vet nixpkgs 7 7 8 8 on: 9 + pull_request: 10 + paths: 11 + - .github/workflows/nixpkgs-vet.yml 9 12 pull_request_target: 10 13 # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. 11 14 # Instead it causes an `edited` event, so we need to add it explicitly here.
+3
.github/workflows/no-channel.yml
··· 1 1 name: "No channel PR" 2 2 3 3 on: 4 + pull_request: 5 + paths: 6 + - .github/workflows/no-channel.yml 4 7 pull_request_target: 5 8 # Re-run should be triggered when the base branch is updated, instead of silently failing 6 9 types: [opened, synchronize, reopened, edited]