Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

workflows: switch to NIXPKGS_CI specific variables #373935

Merged
merged 3 commits into from
Jan 15, 2025
Merged

workflows: switch to NIXPKGS_CI specific variables #373935

merged 3 commits into from
Jan 15, 2025

Conversation

JohnRTitor
Copy link
Contributor

This will allow GitHub to run actions on those commits, specifically Eval action. Currently as these merges are commited by github-actions, Eval doesn't run on the commits.

ie, https://github.com/NixOS/nixpkgs/actions/runs/12646467735/job/35237397411?pr=371701 Processing failed due to fa2d66f commit was done by github-actions.

With this every periodic merge will be authored and commited by the nixpkgs-ci bot.

Supercedes #372041

Relevant org discussion: NixOS/org#54

PR created from a NixOS/nixpkgs branch as to make it easier to test.

@JohnRTitor
workflows/backport: switch to new variables
f697628 
As per NixOS/org#54, new variables are now NIXPKGS_CI_APP_ID and NIXPKGS_CI_APP_PRIVATE_KEY.
@JohnRTitor
workflows/periodic-merges: use nixpkgs-ci's token
6ab6314
@github-actions github-actions bot added 6.topic: policy discussion 6.topic: continuous integration Affects continuous integration (CI) in Nixpkgs, including Ofborg and GitHub Actions labels Jan 15, 2025
@github-actions github-actions bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels Jan 15, 2025
@JohnRTitor
Copy link
Contributor Author

Humm, seems like secrets are not being passed properly? https://github.com/NixOS/nixpkgs/actions/runs/12781938173/job/35630648144

@JohnRTitor
workflows/periodic-merges: explicitly inherit the secrets
38ebbf7 
Apparently since we are callling a reusable workflow here, we need to explicitly pass the secrets. :(
@JohnRTitor
Copy link
Contributor Author

Nice, looks like this works now! https://github.com/NixOS/nixpkgs/actions/runs/12782225893/job/35631361946

wolfgangwalther
wolfgangwalther approved these changes Jan 15, 2025
View reviewed changes
Copy link
Contributor

@wolfgangwalther wolfgangwalther left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Should we use the new token for the codeowners workflow, too? (Not sure whether it has the right permissions)

@JohnRTitor
Copy link
Contributor Author

Should we use the new token for the codeowners workflow, too? (Not sure whether it has the right permissions)

nixpkgs-ci has the permissions I believe, but no we should not use it there. nix-owners bot only has access to requesting review, adding labels and other non-write permissions, and for security reasons, apps/workflows should only have access to the things that are deemed absolutely necessary.

@JohnRTitor JohnRTitor merged commit 6e263e8 into master Jan 15, 2025
25 of 29 checks passed
@JohnRTitor JohnRTitor deleted the ci/nixpkgs-ci-migration branch January 15, 2025 14:21
@JohnRTitor JohnRTitor mentioned this pull request Jan 15, 2025
Closed
@wolfgangwalther wolfgangwalther added the backport release-24.11 Backport PR automatically label Jan 19, 2025
@nixpkgs-ci
Copy link
Contributor

nixpkgs-ci bot commented Jan 19, 2025

Backport failed for release-24.11, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-24.11
git worktree add -d .worktree/backport-373935-to-release-24.11 origin/release-24.11
cd .worktree/backport-373935-to-release-24.11
git switch --create backport-373935-to-release-24.11
git cherry-pick -x f6976283058deb6d6eaa30967c09b4ee471e3193 6ab6314d06d25d77c3052fb00c4bdf3d7a5027a2 38ebbf7c4fc018170ac80582f83eb076694ab010

@wolfgangwalther wolfgangwalther removed the backport release-24.11 Backport PR automatically label Jan 19, 2025
@infinisil
Copy link
Member

Because I was confused for a sec: This PR doesn't need to be backported because:

  • The backport action is only useful on master branches (you don't need to backport PRs that are already going to the release branch)
  • The periodic actions are only triggered based on the master branch

@wolfgangwalther
Copy link
Contributor

Correct - I tried backporting to minimize conflicts, but then concluded the same.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wolfgangwalther wolfgangwalther wolfgangwalther approved these changes

@Mic92 Mic92 Awaiting requested review from Mic92

@infinisil infinisil Awaiting requested review from infinisil

@risicle risicle Awaiting requested review from risicle

@LeSuisse LeSuisse Awaiting requested review from LeSuisse

@zowoq zowoq Awaiting requested review from zowoq

@mweinelt mweinelt Awaiting requested review from mweinelt

@azuwis azuwis Awaiting requested review from azuwis

Assignees
No one assigned
Labels
6.topic: continuous integration Affects continuous integration (CI) in Nixpkgs, including Ofborg and GitHub Actions 6.topic: policy discussion 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@JohnRTitor @infinisil @wolfgangwalther