diff --git a/.github/workflows/check-nix-format.yml b/.github/workflows/check-nix-format.yml index a70e132dc459a..44ac72852a10a 100644 --- a/.github/workflows/check-nix-format.yml +++ b/.github/workflows/check-nix-format.yml @@ -8,7 +8,7 @@ name: Check that Nix files are formatted on: pull_request_target: - types: [opened, synchronize, reopened, edited] + workflow_call: permissions: {} diff --git a/.github/workflows/check-nixf-tidy.yml b/.github/workflows/check-nixf-tidy.yml index 8b148ba33bc44..5b337e4c1fa29 100644 --- a/.github/workflows/check-nixf-tidy.yml +++ b/.github/workflows/check-nixf-tidy.yml @@ -2,7 +2,7 @@ name: Check changed Nix files with nixf-tidy (experimental) on: pull_request_target: - types: [opened, synchronize, reopened, edited] + workflow_call: permissions: {} diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 8b5267b25c630..e94087c2af59f 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -24,7 +24,8 @@ name: Codeowners v2 on: pull_request_target: - types: [opened, ready_for_review, synchronize, reopened, edited] + types: [opened, ready_for_review, synchronize, reopened] + workflow_call: permissions: {} diff --git a/.github/workflows/edited-base.yml b/.github/workflows/edited-base.yml new file mode 100644 index 0000000000000..7b945d896f539 --- /dev/null +++ b/.github/workflows/edited-base.yml @@ -0,0 +1,46 @@ +# Instead of adding all the jobs to run on a changed base to "edited.yml", we use this intermediate layer. +# This will make it, that in the case of editing the title or description, there will only be a single skipped job +# appearing in the checks list, instead of all the jobs below cluttering the output. + +name: "Edited Base" + +on: + workflow_call: + +permissions: {} + +jobs: + check-nix-format: + name: Check that Nix files are formatted + uses: ./.github/workflows/check-nix-format.yml + + check-nixf-tidy: + name: Check changed Nix files with nixf-tidy (experimental) + uses: ./.github/workflows/check-nixf-tidy.yml + + codeowners-v2: + name: Codeowners v2 + uses: ./.github/workflows/codeowners-v2.yml + + eval: + name: Eval + uses: ./.github/workflows/eval.yml + permissions: + pull-requests: write + statuses: write + + labels: + name: Label PR + uses: ./.github/workflows/labels.yml + permissions: + contents: read + pull-requests: write + + nixpkgs-vet: + name: Vet nixpkgs + uses: ./.github/workflows/nixpkgs-vet.yml + + no-channel: + name: No channel PR + if: startsWith(github.event.pull_request.base.ref, 'nixos-') || startsWith(github.event.pull_request.base.ref, 'nixpkgs-') + uses: ./.github/workflows/no-channel.yml diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml new file mode 100644 index 0000000000000..aa954a071bc1c --- /dev/null +++ b/.github/workflows/edited.yml @@ -0,0 +1,28 @@ +# Some workflows depend on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. +# Instead it causes an `edited` event. +# Since `edited` is also triggered when PR title/body is changed, we use this wrapper workflow, to run the other workflows conditionally only. +# There are already feature requests for adding a `base_changed` event: +# - https://github.com/orgs/community/discussions/35058 +# - https://github.com/orgs/community/discussions/64119 +# +# Instead of adding this to each workflow's pull_request_target event, we trigger this in a separate workflow. +# This has the advantage, that we can actually skip running those jobs for simple edits like changing the title or description. + +name: "Edited" + +on: + pull_request_target: + types: [edited] + +permissions: {} + +jobs: + base: + name: Base + if: github.event.changes.base.ref.from && github.event.changes.base.ref.from != github.event.pull_request.base.ref + uses: ./.github/workflows/edited-base.yml + # Currently needed downstream for eval.yml and labels.yml + permissions: + contents: read + pull-requests: write + statuses: write diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml index 273b2e2a05215..4df701dd0deb0 100644 --- a/.github/workflows/eval.yml +++ b/.github/workflows/eval.yml @@ -2,6 +2,7 @@ name: Eval on: pull_request_target: + workflow_call: push: # Keep this synced with ci/request-reviews/dev-branches.txt branches: diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index 80a186bbfa62b..cb5e877957565 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -7,7 +7,7 @@ name: "Label PR" on: pull_request_target: - types: [edited, opened, synchronize, reopened] + workflow_call: permissions: contents: read diff --git a/.github/workflows/nixpkgs-vet.yml b/.github/workflows/nixpkgs-vet.yml index 0b2f4e1c96d36..96e2a09add92f 100644 --- a/.github/workflows/nixpkgs-vet.yml +++ b/.github/workflows/nixpkgs-vet.yml @@ -7,11 +7,7 @@ name: Vet nixpkgs on: pull_request_target: - # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. - # Instead it causes an `edited` event, so we need to add it explicitly here. - # While `edited` is also triggered when the PR title/body is changed, this PR action is fairly quick, and PRs don't get edited **that** often, so it shouldn't be a problem. - # There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058 - types: [opened, synchronize, reopened, edited] + workflow_call: permissions: {} diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml index acaa937ad9360..d1e30bdb43ab7 100644 --- a/.github/workflows/no-channel.yml +++ b/.github/workflows/no-channel.yml @@ -2,17 +2,16 @@ name: "No channel PR" on: pull_request_target: - # Re-run should be triggered when the base branch is updated, instead of silently failing - types: [opened, synchronize, reopened, edited] branches: - 'nixos-**' - 'nixpkgs-**' + workflow_call: permissions: {} jobs: fail: - name: "This PR is is targeting a channel branch" + name: "This PR is targeting a channel branch" runs-on: ubuntu-24.04 steps: - run: |