aboutsummaryrefslogtreecommitdiff
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows')
-rw-r--r--.github/workflows/backport.yml32
-rw-r--r--.github/workflows/ci.yml135
-rw-r--r--.github/workflows/hydra_status.yml19
-rw-r--r--.github/workflows/labels.yml24
4 files changed, 0 insertions, 210 deletions
diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml
deleted file mode 100644
index 12c60c649..000000000
--- a/.github/workflows/backport.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-name: Backport
-on:
- pull_request_target:
- types: [closed, labeled]
-permissions:
- contents: read
-jobs:
- backport:
- name: Backport Pull Request
- permissions:
- # for zeebe-io/backport-action
- contents: write
- pull-requests: write
- if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- with:
- ref: ${{ github.event.pull_request.head.sha }}
- # required to find all branches
- fetch-depth: 0
- - name: Create backport PRs
- # should be kept in sync with `version`
- uses: zeebe-io/backport-action@v1.4.0
- with:
- # Config README: https://github.com/zeebe-io/backport-action#backport-action
- github_token: ${{ secrets.GITHUB_TOKEN }}
- github_workspace: ${{ github.workspace }}
- pull_description: |-
- Automatic backport to `${target_branch}`, triggered by a label in #${pull_number}.
- # should be kept in sync with `uses`
- version: v0.0.5
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
deleted file mode 100644
index 0c9c24dad..000000000
--- a/.github/workflows/ci.yml
+++ /dev/null
@@ -1,135 +0,0 @@
-name: "CI"
-
-on:
- pull_request:
- push:
-
-permissions: read-all
-
-jobs:
-
- tests:
- needs: [check_secrets]
- strategy:
- fail-fast: false
- matrix:
- os: [ubuntu-latest, macos-latest]
- runs-on: ${{ matrix.os }}
- timeout-minutes: 60
- steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - uses: cachix/install-nix-action@v23
- with:
- # The sandbox would otherwise be disabled by default on Darwin
- extra_nix_config: "sandbox = true"
- - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- - uses: cachix/cachix-action@v12
- if: needs.check_secrets.outputs.cachix == 'true'
- with:
- name: '${{ env.CACHIX_NAME }}'
- signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
- authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- - run: nix --experimental-features 'nix-command flakes' flake check -L
-
- check_secrets:
- permissions:
- contents: none
- name: Check Cachix and Docker secrets present for installer tests
- runs-on: ubuntu-latest
- outputs:
- cachix: ${{ steps.secret.outputs.cachix }}
- docker: ${{ steps.secret.outputs.docker }}
- steps:
- - name: Check for secrets
- id: secret
- env:
- _CACHIX_SECRETS: ${{ secrets.CACHIX_SIGNING_KEY }}${{ secrets.CACHIX_AUTH_TOKEN }}
- _DOCKER_SECRETS: ${{ secrets.DOCKERHUB_USERNAME }}${{ secrets.DOCKERHUB_TOKEN }}
- run: |
- echo "::set-output name=cachix::${{ env._CACHIX_SECRETS != '' }}"
- echo "::set-output name=docker::${{ env._DOCKER_SECRETS != '' }}"
-
- installer:
- needs: [tests, check_secrets]
- if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true'
- runs-on: ubuntu-latest
- outputs:
- installerURL: ${{ steps.prepare-installer.outputs.installerURL }}
- steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- - uses: cachix/install-nix-action@v23
- with:
- install_url: https://releases.nixos.org/nix/nix-2.13.3/install
- - uses: cachix/cachix-action@v12
- with:
- name: '${{ env.CACHIX_NAME }}'
- signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
- authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- - id: prepare-installer
- run: scripts/prepare-installer-for-github-actions
-
- installer_test:
- needs: [installer, check_secrets]
- if: github.event_name == 'push' && needs.check_secrets.outputs.cachix == 'true'
- strategy:
- fail-fast: false
- matrix:
- os: [ubuntu-latest, macos-latest]
- runs-on: ${{ matrix.os }}
- steps:
- - uses: actions/checkout@v4
- - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- - uses: cachix/install-nix-action@v23
- with:
- install_url: '${{needs.installer.outputs.installerURL}}'
- install_options: "--tarball-url-prefix https://${{ env.CACHIX_NAME }}.cachix.org/serve"
- - run: sudo apt install fish zsh
- if: matrix.os == 'ubuntu-latest'
- - run: brew install fish
- if: matrix.os == 'macos-latest'
- - run: exec bash -c "nix-instantiate -E 'builtins.currentTime' --eval"
- - run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval"
- - run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval"
- - run: exec fish -c "nix-instantiate -E 'builtins.currentTime' --eval"
- - run: exec bash -c "nix-channel --add https://releases.nixos.org/nixos/unstable/nixos-23.05pre466020.60c1d71f2ba nixpkgs"
- - run: exec bash -c "nix-channel --update && nix-env -iA nixpkgs.hello && hello"
-
- docker_push_image:
- needs: [check_secrets, tests]
- if: >-
- github.event_name == 'push' &&
- github.ref_name == 'master' &&
- needs.check_secrets.outputs.cachix == 'true' &&
- needs.check_secrets.outputs.docker == 'true'
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - uses: cachix/install-nix-action@v23
- with:
- install_url: https://releases.nixos.org/nix/nix-2.13.3/install
- - run: echo CACHIX_NAME="$(echo $GITHUB_REPOSITORY-install-tests | tr "[A-Z]/" "[a-z]-")" >> $GITHUB_ENV
- - run: echo NIX_VERSION="$(nix --experimental-features 'nix-command flakes' eval .\#default.version | tr -d \")" >> $GITHUB_ENV
- - uses: cachix/cachix-action@v12
- if: needs.check_secrets.outputs.cachix == 'true'
- with:
- name: '${{ env.CACHIX_NAME }}'
- signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
- authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- - run: nix --experimental-features 'nix-command flakes' build .#dockerImage -L
- - run: docker load -i ./result/image.tar.gz
- - run: docker tag nix:$NIX_VERSION nixos/nix:$NIX_VERSION
- - run: docker tag nix:$NIX_VERSION nixos/nix:master
- - name: Login to Docker Hub
- uses: docker/login-action@v3
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
- - run: docker push nixos/nix:$NIX_VERSION
- - run: docker push nixos/nix:master
diff --git a/.github/workflows/hydra_status.yml b/.github/workflows/hydra_status.yml
deleted file mode 100644
index 2fa89d72c..000000000
--- a/.github/workflows/hydra_status.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: Hydra status
-
-permissions: read-all
-
-on:
- schedule:
- - cron: "12,42 * * * *"
- workflow_dispatch:
-
-jobs:
- check_hydra_status:
- name: Check Hydra status
- if: github.repository_owner == 'NixOS'
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v4
- with:
- fetch-depth: 0
- - run: bash scripts/check-hydra-status.sh
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml
deleted file mode 100644
index d83cb4f18..000000000
--- a/.github/workflows/labels.yml
+++ /dev/null
@@ -1,24 +0,0 @@
-name: "Label PR"
-
-on:
- pull_request_target:
- types: [edited, opened, synchronize, reopened]
-
-# WARNING:
-# When extending this action, be aware that $GITHUB_TOKEN allows some write
-# access to the GitHub API. This means that it should not evaluate user input in
-# a way that allows code injection.
-
-permissions:
- contents: read
- pull-requests: write
-
-jobs:
- labels:
- runs-on: ubuntu-latest
- if: github.repository_owner == 'NixOS'
- steps:
- - uses: actions/labeler@v4
- with:
- repo-token: ${{ secrets.GITHUB_TOKEN }}
- sync-labels: false