Victor Engmark
4177297b14
For reproducibility.
Command:
```shell
for file in .github/workflows/*.y*ml; do
npx pin-github-action --comment=' {ref}' "$file"
done
```
Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
30 lines
1.1 KiB
YAML
30 lines
1.1 KiB
YAML
name: Basic evaluation checks
|
|
|
|
on:
|
|
workflow_dispatch
|
|
# pull_request:
|
|
# branches:
|
|
# - master
|
|
# - release-**
|
|
# push:
|
|
# branches:
|
|
# - master
|
|
# - release-**
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
tests:
|
|
runs-on: ubuntu-latest
|
|
# we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback
|
|
steps:
|
|
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
|
- uses: cachix/install-nix-action@6a9a9e84a173d90b3ffb42c5ddaf9ea033fad011 # v24
|
|
- uses: cachix/cachix-action@6a9a34cdd93d0ae4b4b59fd678660efb08109f2f # v13
|
|
with:
|
|
# This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
|
|
name: nixpkgs-ci
|
|
signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
|
|
# explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
|
|
- run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]'
|