gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

workflows/eval: upload maintainer list of all packages as artifact (#456965)

Browse Source
This commit is contained in:
Wolfgang Walther
2025-10-31 11:28:37 +00:00
committed by GitHub
parent dc7f22eb73 498574f238
commit 4061fac135
9 changed files with 99 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/build.yml vendored
View File

@@ -3,6 +3,9 @@ name: Build
on:
workflow_call:
inputs:
artifact-prefix:
required: true
type: string
baseBranch:
required: true
type: string
@@ -100,5 +103,5 @@ jobs:
contains(fromJSON(inputs.baseBranch).type, 'primary')
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: nixos-manual-${{ matrix.name }}
name: ${{ inputs.artifact-prefix }}nixos-manual-${{ matrix.name }}
path: nixos-manual

46
.github/workflows/eval.yml vendored
View File

@@ -3,6 +3,9 @@ name: Eval
on:
workflow_call:
inputs:
artifact-prefix:
required: true
type: string
mergedSha:
required: true
type: string
@@ -110,7 +113,7 @@ jobs:
MATRIX_SYSTEM: ${{ matrix.system }}
MATRIX_VERSION: ${{ matrix.version || 'nixVersions.latest' }}
run: |
nix-build nixpkgs/untrusted/ci --arg nixpkgs ./nixpkgs/untrusted-pinned -A eval.singleSystem \
nix-build nixpkgs/untrusted/ci --arg nixpkgs ./nixpkgs/untrusted-pinned -A eval.singleSystem \
--argstr evalSystem "$MATRIX_SYSTEM" \
--arg chunkSize 8000 \
--argstr nixPath "$MATRIX_VERSION" \
@@ -119,19 +122,29 @@ jobs:
# Note: Keep the same further down in sync!
- name: Evaluate the ${{ matrix.system }} output paths at the target commit
if: inputs.targetSha
env:
MATRIX_SYSTEM: ${{ matrix.system }}
# This is very quick, because it pulls the eval results from Cachix.
run: |
nix-build nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \
TARGET_DRV=$(nix-instantiate nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \
--argstr evalSystem "$MATRIX_SYSTEM" \
--arg chunkSize 8000 \
--argstr nixPath "nixVersions.latest" \
--out-link target
--argstr nixPath "nixVersions.latest")
# Try to fetch this from Cachix a few times, for up to 30 seconds. This avoids running Eval
# twice in the Merge Queue, when a later item finishes Eval at the merge commit earlier.
for _i in {1..6}; do
# Using --max-jobs 0 will cause nix-build to fail if this can't be substituted from cachix.
if nix-build "$TARGET_DRV" --max-jobs 0; then
break
fi
sleep 5
done
# Either fetches from Cachix or runs Eval itself. The fallback is required
# for pull requests into wip-branches without merge queue.
nix-build "$TARGET_DRV" --out-link target
- name: Compare outpaths against the target branch
if: inputs.targetSha
env:
MATRIX_SYSTEM: ${{ matrix.system }}
run: |
@@ -142,16 +155,15 @@ jobs:
--out-link diff
- name: Upload outpaths diff and stats
if: inputs.targetSha
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }}
name: ${{ inputs.artifact-prefix }}${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }}
path: diff/*
compare:
runs-on: ubuntu-24.04-arm
needs: [eval]
if: inputs.targetSha && !cancelled() && !failure()
if: ${{ !cancelled() && !failure() }}
permissions:
statuses: write
timeout-minutes: 5
@@ -169,7 +181,7 @@ jobs:
- name: Download output paths and eval stats for all systems
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
pattern: diff-*
pattern: ${{ inputs.artifact-prefix }}diff-*
path: diff
merge-multiple: true
@@ -182,6 +194,12 @@ jobs:
--arg diffDir ./diff \
--out-link combined
- name: Upload the maintainer list
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ inputs.artifact-prefix }}maintainers
path: combined/maintainers.json
- name: Compare against the target branch
env:
AUTHOR_ID: ${{ github.event.pull_request.user.id }}
@@ -202,7 +220,7 @@ jobs:
- name: Upload the comparison results
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: comparison
name: ${{ inputs.artifact-prefix }}comparison
path: comparison/*
- name: Add eval summary to commit statuses
@@ -250,6 +268,7 @@ jobs:
- name: Add version comparison table to job summary
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
env:
ARTIFACT_PREFIX: ${{ inputs.artifact-prefix }}
SYSTEMS: ${{ inputs.systems }}
VERSIONS: ${{ needs.versions.outputs.versions }}
with:
@@ -257,6 +276,7 @@ jobs:
const { readFileSync } = require('node:fs')
const path = require('node:path')
const prefix = process.env.ARTIFACT_PREFIX
const systems = JSON.parse(process.env.SYSTEMS)
const versions = JSON.parse(process.env.VERSIONS)
@@ -272,7 +292,7 @@ jobs:
[{ data: version }].concat(
systems.map((system) => {
try {
const artifact = path.join('versions', `${version}-diff-${system}`)
const artifact = path.join('versions', `${prefix}${version}-diff-${system}`)
const time = Math.round(
parseFloat(
readFileSync(

5
.github/workflows/merge-group.yml vendored
View File

@@ -4,6 +4,9 @@ on:
merge_group:
workflow_call:
inputs:
artifact-prefix:
required: true
type: string
mergedSha:
required: true
type: string
@@ -54,7 +57,9 @@ jobs:
secrets:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
with:
artifact-prefix: ${{ inputs.artifact-prefix }}
mergedSha: ${{ inputs.mergedSha || github.event.merge_group.head_sha }}
targetSha: ${{ inputs.targetSha || github.event.merge_group.base_sha }}
systems: ${{ needs.prepare.outputs.systems }}
# This job's only purpose is to create the target for the "Required Status Checks" branch ruleset.

8
.github/workflows/pr.yml vendored
View File

@@ -3,6 +3,10 @@ name: PR
on:
pull_request_target:
workflow_call:
inputs:
artifact-prefix:
required: true
type: string
secrets:
CACHIX_AUTH_TOKEN:
required: true
@@ -90,6 +94,7 @@ jobs:
secrets:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
with:
artifact-prefix: ${{ inputs.artifact-prefix }}
mergedSha: ${{ needs.prepare.outputs.mergedSha }}
targetSha: ${{ needs.prepare.outputs.targetSha }}
systems: ${{ needs.prepare.outputs.systems }}
@@ -116,6 +121,8 @@ jobs:
uses: ./.github/workflows/reviewers.yml
secrets:
OWNER_APP_PRIVATE_KEY: ${{ secrets.OWNER_APP_PRIVATE_KEY }}
with:
artifact-prefix: ${{ inputs.artifact-prefix }}
build:
name: Build
@@ -124,6 +131,7 @@ jobs:
secrets:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
with:
artifact-prefix: ${{ inputs.artifact-prefix }}
baseBranch: ${{ needs.prepare.outputs.baseBranch }}
mergedSha: ${{ needs.prepare.outputs.mergedSha }}

10
.github/workflows/reviewers.yml vendored
View File

@@ -7,6 +7,10 @@ on:
pull_request_target:
types: [ready_for_review]
workflow_call:
inputs:
artifact-prefix:
required: true
type: string
secrets:
OWNER_APP_PRIVATE_KEY:
required: true
@@ -91,6 +95,8 @@ jobs:
- name: Wait for comparison to be done
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
id: eval
env:
ARTIFACT: ${{ inputs.artifact-prefix }}comparison
with:
script: |
const run_id = (await github.rest.actions.listWorkflowRuns({
@@ -111,7 +117,7 @@ jobs:
owner: context.repo.owner,
repo: context.repo.repo,
run_id,
name: 'comparison'
name: process.env.ARTIFACT,
})
if (result.data.total_count > 0) return
await new Promise(resolve => setTimeout(resolve, 5000))
@@ -128,7 +134,7 @@ jobs:
with:
run-id: ${{ steps.eval.outputs.run-id }}
github-token: ${{ github.token }}
pattern: comparison
pattern: ${{ inputs.artifact-prefix }}comparison
path: comparison
merge-multiple: true

3
.github/workflows/test.yml vendored
View File

@@ -79,6 +79,7 @@ jobs:
secrets:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
with:
artifact-prefix: mg-
mergedSha: ${{ needs.prepare.outputs.mergedSha }}
targetSha: ${{ needs.prepare.outputs.targetSha }}
@@ -95,3 +96,5 @@ jobs:
secrets:
CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }}
NIXPKGS_CI_APP_PRIVATE_KEY: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }}
with:
artifact-prefix: pr-