f7d6d11e8e
This removes the "owners" check from codeowners-validator. With it, all tokens and permissions can be removed, because these were only needed to make these requests. This solves the problem of codeowners-validator not supporting our new nested team structure for nixpkgs-maintainers. To make the onboarding of new teams easier, we moved all teams "under" the nixpkgs-maintainers team. This makes them inherit the right privileges (triage) for Nixpkgs. However, this inheritance is not recognized by codeowners-validator, thus it assumes that these teams don't have access to Nixpkgs. This then fails the owners check immediately. Removing the owners check also has a few other advantages: - This check depends on external state: If a user is renamed or a team removed, the check will fail. This makes it a bad check for required status checks or merge queues - the check might fail randomly, independent of the current PR. - Running this check in a fork will never work, because the respective users and teams don't have access to the fork's repo. Both of this required us to set `continue-on-error: true` most of the time.
GitHub specific CI scripts
This folder contains actions/github-script-based JavaScript code.
It provides a nix-shell environment to run and test these actions locally.
To run any of the scripts locally:
- Enter
nix-shellin./ci/github-script. - Ensure
ghis authenticated.
Check commits
Run ./run commits OWNER REPO PR, where OWNER is your username or "NixOS", REPO is the name of your fork or "nixpkgs" and PR is the number of the pull request to check.
Labeler
Run ./run labels OWNER REPO, where OWNER is your username or "NixOS" and REPO the name of your fork or "nixpkgs".