Skip to content

Commit

Permalink
Merge branch 'master' into update-addwater
Browse files Browse the repository at this point in the history
  • Loading branch information
thtrf authored Jan 4, 2025
2 parents 122d9dc + 92de48d commit 3f7531f
Show file tree
Hide file tree
Showing 6,756 changed files with 74,108 additions and 85,686 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
2 changes: 2 additions & 0 deletions .github/workflows/codeowners-v2.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,8 @@ name: Codeowners v2
#
# This split is done because checking code owners requires handling untrusted PR input,
# while requesting code owners requires PR write access, and those shouldn't be mixed.
#
# Note that the latter is also used for ./eval.yml requesting reviewers.

on:
pull_request_target:
Expand Down
51 changes: 48 additions & 3 deletions .github/workflows/eval.yml
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ needs.get-merge-commit.outputs.mergedSha }}
fetch-depth: 2
path: nixpkgs

- name: Install Nix
Expand Down Expand Up @@ -194,12 +195,18 @@ jobs:
- name: Compare against the base branch
if: steps.baseRunId.outputs.baseRunId
run: |
nix-build nixpkgs/ci -A eval.compare \
git -C nixpkgs worktree add ../base ${{ needs.attrs.outputs.baseSha }}
git -C nixpkgs diff --name-only ${{ needs.attrs.outputs.baseSha }} ${{ needs.attrs.outputs.mergedSha }} \
| jq --raw-input --slurp 'split("\n")[:-1]' > touched-files.json
# Use the base branch to get accurate maintainer info
nix-build base/ci -A eval.compare \
--arg beforeResultDir ./baseResult \
--arg afterResultDir ./prResult \
--arg touchedFilesJson ./touched-files.json \
-o comparison
cat comparison/step-summary.md >> "$GITHUB_STEP_SUMMARY"
# TODO: Request reviews from maintainers for packages whose files are modified in the PR
- name: Upload the combined results
if: steps.baseRunId.outputs.baseRunId
Expand All @@ -212,18 +219,41 @@ jobs:
tag:
name: Tag
runs-on: ubuntu-latest
needs: process
needs: [ attrs, process ]
if: needs.process.outputs.baseRunId
permissions:
pull-requests: write
statuses: write
steps:
# See ./codeowners-v2.yml, reuse the same App because we need the same permissions
# Can't use the token received from permissions above, because it can't get enough permissions
- uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
id: app-token
with:
app-id: ${{ vars.OWNER_APP_ID }}
private-key: ${{ secrets.OWNER_APP_PRIVATE_KEY }}

- name: Download process result
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: comparison
path: comparison

- name: Install Nix
uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30

# Important: This workflow job runs with extra permissions,
# so we need to make sure to not run untrusted code from PRs
- name: Check out Nixpkgs at the base commit
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ needs.attrs.outputs.baseSha }}
path: base
sparse-checkout: ci

- name: Build the requestReviews derivation
run: nix-build base/ci -A requestReviews

- name: Tagging pull request
run: |
# Get all currently set rebuild labels
Expand Down Expand Up @@ -252,10 +282,25 @@ jobs:
/repos/"$REPOSITORY"/issues/"$NUMBER"/labels \
-f "labels[]=$toAdd"
done < <(comm -13 before after)
# maintainers.json contains GitHub IDs. Look up handles to request reviews from.
# There appears to be no API to request reviews based on GitHub IDs
jq -r 'keys[]' comparison/maintainers.json \
| while read -r id; do gh api /user/"$id" --jq .login; done \
| GH_TOKEN=${{ steps.app-token.outputs.token }} result/bin/process-reviewers.sh "$REPOSITORY" "$NUMBER" "$AUTHOR" \
> reviewers.json
# Request reviewers from maintainers of changed output paths
GH_TOKEN=${{ steps.app-token.outputs.token }} gh api \
--method POST \
/repos/"$REPOSITORY"/pulls/"$NUMBER"/requested_reviewers \
--input reviewers.json
env:
GH_TOKEN: ${{ github.token }}
REPOSITORY: ${{ github.repository }}
NUMBER: ${{ github.event.number }}
AUTHOR: ${{ github.event.pull_request.user.login }}

- name: Add eval summary to commit statuses
if: ${{ github.event_name == 'pull_request_target' }}
Expand Down
9 changes: 4 additions & 5 deletions .github/workflows/no-channel.yml
Original file line number Diff line number Diff line change
@@ -1,18 +1,17 @@
name: "No channel PR"

on:
pull_request:
pull_request_target:
# Re-run should be triggered when the base branch is updated, instead of silently failing
types: [opened, synchronize, reopened, edited]
branches:
- 'nixos-**'
- 'nixpkgs-**'

permissions:
contents: read
permissions: {}

jobs:
fail:
permissions:
contents: none
name: "This PR is is targeting a channel branch"
runs-on: ubuntu-latest
steps:
Expand Down
34 changes: 0 additions & 34 deletions .github/workflows/ofborg-pending.yml

This file was deleted.

6 changes: 0 additions & 6 deletions .github/workflows/periodic-merge-24h.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,6 @@ jobs:
max-parallel: 1
matrix:
pairs:
- from: master
into: haskell-updates
- from: release-24.05
into: staging-next-24.05
- from: staging-next-24.05
into: staging-24.05
- from: release-24.11
into: staging-next-24.11
- from: staging-next-24.11
Expand Down
59 changes: 59 additions & 0 deletions .github/workflows/periodic-merge-haskell-updates.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
# This action periodically merges a merge base of master and staging into haskell-updates.
#
# haskell-updates is based on master (so there are little unrelated failures and the cache
# is already prepopulated), but needs to target staging due to the high amount of rebuilds
# it typically causes. To prevent unrelated commits clattering the GitHub UI, we need to
# take care to only merge the merge-base of master and staging into haskell-updates.
#
# See also https://github.com/NixOS/nixpkgs/issues/361143.

name: "Periodic Merges (haskell-updates)"


on:
schedule:
# * is a special character in YAML so you have to quote this string
# Merge every 24 hours
- cron: '0 0 * * *'
workflow_dispatch:

permissions:
contents: read

jobs:
periodic-merge:
permissions:
contents: write # for devmasx/merge-branch to merge branches
pull-requests: write # for peter-evans/create-or-update-comment to create or update comment
if: github.repository_owner == 'NixOS'
runs-on: ubuntu-latest
name: git merge-base master staging → haskell-updates
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0

# Note: If we want to do something similar for more branches, we can move this into a
# separate job, so we can use the matrix strategy again.
- name: Find merge base of master and staging
id: find_merge_base_step
run: |
merge_base="$(git merge-base refs/remotes/origin/master refs/remotes/origin/staging)"
echo "Found merge base: $merge_base" >&2
echo "merge_base=$merge_base" >> "$GITHUB_OUTPUT"
- name: git merge-base master staging → haskell-updates
uses: devmasx/merge-branch@854d3ac71ed1e9deb668e0074781b81fdd6e771f # 1.4.0
with:
type: now
head_to_merge: ${{ steps.find_merge_base_step.outputs.merge_base }}
target_branch: haskell-updates
github_token: ${{ secrets.GITHUB_TOKEN }}

- name: Comment on failure
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
if: ${{ failure() }}
with:
issue-number: 367709
body: |
Periodic merge from `${{ steps.find_merge_base_step.outputs.merge_base }}` into `haskell-updates` has [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@ __pycache__

# generated by pkgs/common-updater/update-script.nix
update-git-commits.txt
/*.log

# JetBrains IDEA module declaration file
/nixpkgs.iml
3 changes: 3 additions & 0 deletions .mailmap
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Fiona Behrens <[email protected]>
Fiona Behrens <[email protected]> <[email protected]>
goatastronaut0212 <[email protected]> <[email protected]>
Janne Heß <[email protected]> <[email protected]>
jopejoe1 <[email protected]>
jopejoe1 <[email protected]> <[email protected]>
jopejoe1 <[email protected]> <[email protected]>
Jörg Thalheim <[email protected]> <[email protected]>
Lin Jian <[email protected]> <[email protected]>
Lin Jian <[email protected]> <[email protected]>
Expand Down
2 changes: 1 addition & 1 deletion COPYING
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Copyright (c) 2003-2024 Eelco Dolstra and the Nixpkgs/NixOS contributors
Copyright (c) 2003-2025 Eelco Dolstra and the Nixpkgs/NixOS contributors

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
Expand Down
29 changes: 24 additions & 5 deletions ci/eval/compare/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,11 @@
writeText,
...
}:
{ beforeResultDir, afterResultDir }:
{
beforeResultDir,
afterResultDir,
touchedFilesJson,
}:
let
/*
Derivation that computes which packages are affected (added, changed or removed) between two revisions of nixpkgs.
Expand Down Expand Up @@ -77,11 +81,11 @@ let
# - values: lists of `packagePlatformPath`s
diffAttrs = diff beforeAttrs afterAttrs;

rebuilds = uniqueStrings (diffAttrs.added ++ diffAttrs.changed);
rebuildsPackagePlatformAttrs = convertToPackagePlatformAttrs rebuilds;

changed-paths =
let
rebuilds = uniqueStrings (diffAttrs.added ++ diffAttrs.changed);
rebuildsPackagePlatformAttrs = convertToPackagePlatformAttrs rebuilds;

rebuildsByPlatform = groupByPlatform rebuildsPackagePlatformAttrs;
rebuildsByKernel = groupByKernel rebuildsPackagePlatformAttrs;
rebuildCountByKernel = lib.mapAttrs (
Expand All @@ -96,19 +100,34 @@ let
rebuildsByKernel
rebuildCountByKernel
;
labels = getLabels rebuildCountByKernel;
labels =
(getLabels rebuildCountByKernel)
# Adds "10.rebuild-*-stdenv" label if the "stdenv" attribute was changed
++ lib.mapAttrsToList (kernel: _: "10.rebuild-${kernel}-stdenv") (
lib.filterAttrs (_: kernelRebuilds: kernelRebuilds ? "stdenv") rebuildsByKernel
);
}
);

maintainers = import ./maintainers.nix {
changedattrs = lib.unique (map (a: a.packagePath) rebuildsPackagePlatformAttrs);
changedpathsjson = touchedFilesJson;
};
in
runCommand "compare"
{
nativeBuildInputs = [ jq ];
maintainers = builtins.toJSON maintainers;
passAsFile = [ "maintainers" ];
}
''
mkdir $out
cp ${changed-paths} $out/changed-paths.json
jq -r -f ${./generate-step-summary.jq} < ${changed-paths} > $out/step-summary.md
cp "$maintainersPath" "$out/maintainers.json"
# TODO: Compare eval stats
''
Loading

0 comments on commit 3f7531f

Please sign in to comment.