Skip to content

Commit 573f280

Browse files
Mic92Mic92
authored
workflows: improve testability (#406852)
2 parents 14171fb + dd1b14e commit 573f280

14 files changed

+50
-7
lines changed

.github/workflows/backport.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ permissions: {}
1414
jobs:
1515
backport:
1616
name: Backport Pull Request
17-
if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event.action != 'labeled' || startsWith(github.event.label.name, 'backport'))
17+
if: vars.NIXPKGS_CI_APP_ID && github.event.pull_request.merged == true && (github.event.action != 'labeled' || startsWith(github.event.label.name, 'backport'))
1818
runs-on: ubuntu-24.04-arm
1919
steps:
2020
# Use a GitHub App to create the PR so that CI gets triggered

.github/workflows/check-cherry-picks.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: "Check cherry-picks"
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/check-cherry-picks.yml
47
pull_request_target:
58
branches:
69
- 'release-**'
@@ -13,7 +16,6 @@ jobs:
1316
check:
1417
name: cherry-pick-check
1518
runs-on: ubuntu-24.04-arm
16-
if: github.repository_owner == 'NixOS'
1719
steps:
1820
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1921
with:

.github/workflows/check-format.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: Check that files are formatted
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/check-format.yml
47
pull_request_target:
58
types: [opened, synchronize, reopened, edited]
69

.github/workflows/check-shell.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: "Check shell"
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/check-shell.yml
47
pull_request_target:
58
paths:
69
- 'shell.nix'

.github/workflows/codeowners-v2.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,9 @@
2323
name: Codeowners v2
2424

2525
on:
26+
pull_request:
27+
paths:
28+
- .github/workflows/codeowners-v2.yml
2629
pull_request_target:
2730
types: [opened, ready_for_review, synchronize, reopened, edited]
2831

@@ -64,6 +67,7 @@ jobs:
6467
run: nix-build base/ci -A codeownersValidator
6568

6669
- uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
70+
if: vars.OWNER_RO_APP_ID
6771
id: app-token
6872
with:
6973
app-id: ${{ vars.OWNER_RO_APP_ID }}
@@ -77,6 +81,7 @@ jobs:
7781
path: pr
7882

7983
- name: Validate codeowners
84+
if: steps.app-token.outputs.token
8085
run: result/bin/codeowners-validator
8186
env:
8287
OWNERS_FILE: pr/${{ env.OWNERS_FILE }}
@@ -99,6 +104,7 @@ jobs:
99104
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
100105

101106
- uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
107+
if: vars.OWNER_APP_ID
102108
id: app-token
103109
with:
104110
app-id: ${{ vars.OWNER_APP_ID }}
@@ -111,6 +117,7 @@ jobs:
111117
run: nix-build ci -A requestReviews
112118

113119
- name: Request reviews
120+
if: steps.app-token.outputs.token
114121
run: result/bin/request-code-owner-reviews.sh ${{ github.repository }} ${{ github.event.number }} "$OWNERS_FILE"
115122
env:
116123
GH_TOKEN: ${{ steps.app-token.outputs.token }}

.github/workflows/eval-aliases.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: Eval aliases
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/eval-aliases.yml
47
pull_request_target:
58

69
permissions: {}
@@ -26,7 +29,7 @@ jobs:
2629
extra_nix_config: sandbox = true
2730

2831
- name: Ensure flake outputs on all systems still evaluate
29-
run: nix --experimental-features 'nix-command flakes' flake check --all-systems --no-build ./nixpkgs
32+
run: nix flake check --all-systems --no-build ./nixpkgs
3033

3134
- name: Query nixpkgs with aliases enabled to check for basic syntax errors
3235
run: |

.github/workflows/eval.yml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: Eval
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/eval.yml
47
pull_request_target:
58
types: [opened, ready_for_review, synchronize, reopened]
69
push:
@@ -175,6 +178,7 @@ jobs:
175178
# See ./codeowners-v2.yml, reuse the same App because we need the same permissions
176179
# Can't use the token received from permissions above, because it can't get enough permissions
177180
- uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
181+
if: vars.OWNER_APP_ID
178182
id: app-token
179183
with:
180184
app-id: ${{ vars.OWNER_APP_ID }}
@@ -205,6 +209,7 @@ jobs:
205209
run: nix-build base/ci -A requestReviews
206210

207211
- name: Labelling pull request
212+
if: ${{ github.event_name == 'pull_request_target' && github.repository_owner == 'NixOS' }}
208213
run: |
209214
# Get all currently set rebuild labels
210215
gh api \
@@ -239,7 +244,7 @@ jobs:
239244
NUMBER: ${{ github.event.number }}
240245

241246
- name: Add eval summary to commit statuses
242-
if: ${{ github.event_name == 'pull_request_target' }}
247+
if: ${{ github.event_name == 'pull_request_target' && github.repository_owner == 'NixOS' }}
243248
run: |
244249
description=$(jq -r '
245250
"Package: added " + (.attrdiff.added | length | tostring) +
@@ -259,6 +264,7 @@ jobs:
259264
NUMBER: ${{ github.event.number }}
260265

261266
- name: Requesting maintainer reviews
267+
if: ${{ steps.app-token.outputs.token && github.repository_owner == 'NixOS' }}
262268
run: |
263269
# maintainers.json contains GitHub IDs. Look up handles to request reviews from.
264270
# There appears to be no API to request reviews based on GitHub IDs

.github/workflows/get-merge-commit.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: Get merge commit
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/get-merge-commit.yml
47
workflow_call:
58
outputs:
69
mergedSha:
@@ -38,7 +41,7 @@ jobs:
3841
push)
3942
echo "mergedSha=${{ github.sha }}" >> "$GITHUB_OUTPUT"
4043
;;
41-
pull_request_target)
44+
pull_request*)
4245
if commits=$(base/ci/get-merge-commit.sh ${{ github.repository }} ${{ github.event.number }}); then
4346
echo -e "Checking the commits:\n$commits"
4447
echo "$commits" >> "$GITHUB_OUTPUT"

.github/workflows/lib-tests.yml

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: "Building Nixpkgs lib-tests"
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/lib-tests.yml
47
pull_request_target:
58
paths:
69
- 'lib/**'

.github/workflows/manual-nixos-v2.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,9 @@
11
name: "Build NixOS manual v2"
22

33
on:
4+
pull_request:
5+
paths:
6+
- .github/workflows/manual-nixos-v2.yml
47
pull_request_target:
58
branches:
69
- master
@@ -38,7 +41,6 @@ jobs:
3841
extra_nix_config: sandbox = true
3942

4043
- uses: cachix/cachix-action@0fc020193b5a1fa3ac4575aa3a7d3aa6a35435ad # v16
41-
if: github.repository_owner == 'NixOS'
4244
with:
4345
# This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
4446
name: nixpkgs-ci

0 commit comments

Comments
 (0)