Loading .github/workflows/build.yml +4 −1 Original line number Diff line number Diff line Loading @@ -3,6 +3,9 @@ name: Build on: workflow_call: inputs: artifact-prefix: required: true type: string baseBranch: required: true type: string Loading Loading @@ -100,5 +103,5 @@ jobs: contains(fromJSON(inputs.baseBranch).type, 'primary') uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: nixos-manual-${{ matrix.name }} name: ${{ inputs.artifact-prefix }}nixos-manual-${{ matrix.name }} path: nixos-manual .github/workflows/eval.yml +33 −13 Original line number Diff line number Diff line Loading @@ -3,6 +3,9 @@ name: Eval on: workflow_call: inputs: artifact-prefix: required: true type: string mergedSha: required: true type: string Loading Loading @@ -119,19 +122,29 @@ jobs: # Note: Keep the same further down in sync! - name: Evaluate the ${{ matrix.system }} output paths at the target commit if: inputs.targetSha env: MATRIX_SYSTEM: ${{ matrix.system }} # This is very quick, because it pulls the eval results from Cachix. run: | nix-build nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \ TARGET_DRV=$(nix-instantiate nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \ --argstr evalSystem "$MATRIX_SYSTEM" \ --arg chunkSize 8000 \ --argstr nixPath "nixVersions.latest" \ --out-link target --argstr nixPath "nixVersions.latest") # Try to fetch this from Cachix a few times, for up to 30 seconds. This avoids running Eval # twice in the Merge Queue, when a later item finishes Eval at the merge commit earlier. for _i in {1..6}; do # Using --max-jobs 0 will cause nix-build to fail if this can't be substituted from cachix. if nix-build "$TARGET_DRV" --max-jobs 0; then break fi sleep 5 done # Either fetches from Cachix or runs Eval itself. The fallback is required # for pull requests into wip-branches without merge queue. nix-build "$TARGET_DRV" --out-link target - name: Compare outpaths against the target branch if: inputs.targetSha env: MATRIX_SYSTEM: ${{ matrix.system }} run: | Loading @@ -142,16 +155,15 @@ jobs: --out-link diff - name: Upload outpaths diff and stats if: inputs.targetSha uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }} name: ${{ inputs.artifact-prefix }}${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }} path: diff/* compare: runs-on: ubuntu-24.04-arm needs: [eval] if: inputs.targetSha && !cancelled() && !failure() if: ${{ !cancelled() && !failure() }} permissions: statuses: write timeout-minutes: 5 Loading @@ -169,7 +181,7 @@ jobs: - name: Download output paths and eval stats for all systems uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: pattern: diff-* pattern: ${{ inputs.artifact-prefix }}diff-* path: diff merge-multiple: true Loading @@ -182,6 +194,12 @@ jobs: --arg diffDir ./diff \ --out-link combined - name: Upload the maintainer list uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ${{ inputs.artifact-prefix }}maintainers path: combined/maintainers.json - name: Compare against the target branch env: AUTHOR_ID: ${{ github.event.pull_request.user.id }} Loading @@ -202,7 +220,7 @@ jobs: - name: Upload the comparison results uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: comparison name: ${{ inputs.artifact-prefix }}comparison path: comparison/* - name: Add eval summary to commit statuses Loading Loading @@ -250,6 +268,7 @@ jobs: - name: Add version comparison table to job summary uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: ARTIFACT_PREFIX: ${{ inputs.artifact-prefix }} SYSTEMS: ${{ inputs.systems }} VERSIONS: ${{ needs.versions.outputs.versions }} with: Loading @@ -257,6 +276,7 @@ jobs: const { readFileSync } = require('node:fs') const path = require('node:path') const prefix = process.env.ARTIFACT_PREFIX const systems = JSON.parse(process.env.SYSTEMS) const versions = JSON.parse(process.env.VERSIONS) Loading @@ -272,7 +292,7 @@ jobs: [{ data: version }].concat( systems.map((system) => { try { const artifact = path.join('versions', `${version}-diff-${system}`) const artifact = path.join('versions', `${prefix}${version}-diff-${system}`) const time = Math.round( parseFloat( readFileSync( Loading .github/workflows/merge-group.yml +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ on: merge_group: workflow_call: inputs: artifact-prefix: required: true type: string mergedSha: required: true type: string Loading Loading @@ -54,7 +57,9 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} mergedSha: ${{ inputs.mergedSha || github.event.merge_group.head_sha }} targetSha: ${{ inputs.targetSha || github.event.merge_group.base_sha }} systems: ${{ needs.prepare.outputs.systems }} # This job's only purpose is to create the target for the "Required Status Checks" branch ruleset. Loading .github/workflows/pr.yml +8 −0 Original line number Diff line number Diff line Loading @@ -3,6 +3,10 @@ name: PR on: pull_request_target: workflow_call: inputs: artifact-prefix: required: true type: string secrets: CACHIX_AUTH_TOKEN: required: true Loading Loading @@ -90,6 +94,7 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} mergedSha: ${{ needs.prepare.outputs.mergedSha }} targetSha: ${{ needs.prepare.outputs.targetSha }} systems: ${{ needs.prepare.outputs.systems }} Loading @@ -116,6 +121,8 @@ jobs: uses: ./.github/workflows/reviewers.yml secrets: OWNER_APP_PRIVATE_KEY: ${{ secrets.OWNER_APP_PRIVATE_KEY }} with: artifact-prefix: ${{ inputs.artifact-prefix }} build: name: Build Loading @@ -124,6 +131,7 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} baseBranch: ${{ needs.prepare.outputs.baseBranch }} mergedSha: ${{ needs.prepare.outputs.mergedSha }} Loading .github/workflows/reviewers.yml +8 −2 Original line number Diff line number Diff line Loading @@ -7,6 +7,10 @@ on: pull_request_target: types: [ready_for_review] workflow_call: inputs: artifact-prefix: required: true type: string secrets: OWNER_APP_PRIVATE_KEY: required: true Loading Loading @@ -91,6 +95,8 @@ jobs: - name: Wait for comparison to be done uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 id: eval env: ARTIFACT: ${{ inputs.artifact-prefix }}comparison with: script: | const run_id = (await github.rest.actions.listWorkflowRuns({ Loading @@ -111,7 +117,7 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, run_id, name: 'comparison' name: process.env.ARTIFACT, }) if (result.data.total_count > 0) return await new Promise(resolve => setTimeout(resolve, 5000)) Loading @@ -128,7 +134,7 @@ jobs: with: run-id: ${{ steps.eval.outputs.run-id }} github-token: ${{ github.token }} pattern: comparison pattern: ${{ inputs.artifact-prefix }}comparison path: comparison merge-multiple: true Loading Loading
.github/workflows/build.yml +4 −1 Original line number Diff line number Diff line Loading @@ -3,6 +3,9 @@ name: Build on: workflow_call: inputs: artifact-prefix: required: true type: string baseBranch: required: true type: string Loading Loading @@ -100,5 +103,5 @@ jobs: contains(fromJSON(inputs.baseBranch).type, 'primary') uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: nixos-manual-${{ matrix.name }} name: ${{ inputs.artifact-prefix }}nixos-manual-${{ matrix.name }} path: nixos-manual
.github/workflows/eval.yml +33 −13 Original line number Diff line number Diff line Loading @@ -3,6 +3,9 @@ name: Eval on: workflow_call: inputs: artifact-prefix: required: true type: string mergedSha: required: true type: string Loading Loading @@ -119,19 +122,29 @@ jobs: # Note: Keep the same further down in sync! - name: Evaluate the ${{ matrix.system }} output paths at the target commit if: inputs.targetSha env: MATRIX_SYSTEM: ${{ matrix.system }} # This is very quick, because it pulls the eval results from Cachix. run: | nix-build nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \ TARGET_DRV=$(nix-instantiate nixpkgs/trusted/ci --arg nixpkgs ./nixpkgs/trusted-pinned -A eval.singleSystem \ --argstr evalSystem "$MATRIX_SYSTEM" \ --arg chunkSize 8000 \ --argstr nixPath "nixVersions.latest" \ --out-link target --argstr nixPath "nixVersions.latest") # Try to fetch this from Cachix a few times, for up to 30 seconds. This avoids running Eval # twice in the Merge Queue, when a later item finishes Eval at the merge commit earlier. for _i in {1..6}; do # Using --max-jobs 0 will cause nix-build to fail if this can't be substituted from cachix. if nix-build "$TARGET_DRV" --max-jobs 0; then break fi sleep 5 done # Either fetches from Cachix or runs Eval itself. The fallback is required # for pull requests into wip-branches without merge queue. nix-build "$TARGET_DRV" --out-link target - name: Compare outpaths against the target branch if: inputs.targetSha env: MATRIX_SYSTEM: ${{ matrix.system }} run: | Loading @@ -142,16 +155,15 @@ jobs: --out-link diff - name: Upload outpaths diff and stats if: inputs.targetSha uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }} name: ${{ inputs.artifact-prefix }}${{ matrix.version && format('{0}-', matrix.version) || '' }}diff-${{ matrix.system }} path: diff/* compare: runs-on: ubuntu-24.04-arm needs: [eval] if: inputs.targetSha && !cancelled() && !failure() if: ${{ !cancelled() && !failure() }} permissions: statuses: write timeout-minutes: 5 Loading @@ -169,7 +181,7 @@ jobs: - name: Download output paths and eval stats for all systems uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: pattern: diff-* pattern: ${{ inputs.artifact-prefix }}diff-* path: diff merge-multiple: true Loading @@ -182,6 +194,12 @@ jobs: --arg diffDir ./diff \ --out-link combined - name: Upload the maintainer list uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ${{ inputs.artifact-prefix }}maintainers path: combined/maintainers.json - name: Compare against the target branch env: AUTHOR_ID: ${{ github.event.pull_request.user.id }} Loading @@ -202,7 +220,7 @@ jobs: - name: Upload the comparison results uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: comparison name: ${{ inputs.artifact-prefix }}comparison path: comparison/* - name: Add eval summary to commit statuses Loading Loading @@ -250,6 +268,7 @@ jobs: - name: Add version comparison table to job summary uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: ARTIFACT_PREFIX: ${{ inputs.artifact-prefix }} SYSTEMS: ${{ inputs.systems }} VERSIONS: ${{ needs.versions.outputs.versions }} with: Loading @@ -257,6 +276,7 @@ jobs: const { readFileSync } = require('node:fs') const path = require('node:path') const prefix = process.env.ARTIFACT_PREFIX const systems = JSON.parse(process.env.SYSTEMS) const versions = JSON.parse(process.env.VERSIONS) Loading @@ -272,7 +292,7 @@ jobs: [{ data: version }].concat( systems.map((system) => { try { const artifact = path.join('versions', `${version}-diff-${system}`) const artifact = path.join('versions', `${prefix}${version}-diff-${system}`) const time = Math.round( parseFloat( readFileSync( Loading
.github/workflows/merge-group.yml +5 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,9 @@ on: merge_group: workflow_call: inputs: artifact-prefix: required: true type: string mergedSha: required: true type: string Loading Loading @@ -54,7 +57,9 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} mergedSha: ${{ inputs.mergedSha || github.event.merge_group.head_sha }} targetSha: ${{ inputs.targetSha || github.event.merge_group.base_sha }} systems: ${{ needs.prepare.outputs.systems }} # This job's only purpose is to create the target for the "Required Status Checks" branch ruleset. Loading
.github/workflows/pr.yml +8 −0 Original line number Diff line number Diff line Loading @@ -3,6 +3,10 @@ name: PR on: pull_request_target: workflow_call: inputs: artifact-prefix: required: true type: string secrets: CACHIX_AUTH_TOKEN: required: true Loading Loading @@ -90,6 +94,7 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} mergedSha: ${{ needs.prepare.outputs.mergedSha }} targetSha: ${{ needs.prepare.outputs.targetSha }} systems: ${{ needs.prepare.outputs.systems }} Loading @@ -116,6 +121,8 @@ jobs: uses: ./.github/workflows/reviewers.yml secrets: OWNER_APP_PRIVATE_KEY: ${{ secrets.OWNER_APP_PRIVATE_KEY }} with: artifact-prefix: ${{ inputs.artifact-prefix }} build: name: Build Loading @@ -124,6 +131,7 @@ jobs: secrets: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} with: artifact-prefix: ${{ inputs.artifact-prefix }} baseBranch: ${{ needs.prepare.outputs.baseBranch }} mergedSha: ${{ needs.prepare.outputs.mergedSha }} Loading
.github/workflows/reviewers.yml +8 −2 Original line number Diff line number Diff line Loading @@ -7,6 +7,10 @@ on: pull_request_target: types: [ready_for_review] workflow_call: inputs: artifact-prefix: required: true type: string secrets: OWNER_APP_PRIVATE_KEY: required: true Loading Loading @@ -91,6 +95,8 @@ jobs: - name: Wait for comparison to be done uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 id: eval env: ARTIFACT: ${{ inputs.artifact-prefix }}comparison with: script: | const run_id = (await github.rest.actions.listWorkflowRuns({ Loading @@ -111,7 +117,7 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, run_id, name: 'comparison' name: process.env.ARTIFACT, }) if (result.data.total_count > 0) return await new Promise(resolve => setTimeout(resolve, 5000)) Loading @@ -128,7 +134,7 @@ jobs: with: run-id: ${{ steps.eval.outputs.run-id }} github-token: ${{ github.token }} pattern: comparison pattern: ${{ inputs.artifact-prefix }}comparison path: comparison merge-multiple: true Loading
![nixpkgs-ci[bot]'s avatar](https://secure.gravatar.com/avatar/21d9e4256a026824783d9069d7622ceb22d44398fd318ddfee596c72e5556369?s=48&d=identicon "nixpkgs-ci[bot]")