diff options
| author | Silvan Mosberger <silvan.mosberger@tweag.io> | 2024-03-22 02:20:08 +0100 |
|---|---|---|
| committer | Silvan Mosberger <silvan.mosberger@tweag.io> | 2024-03-26 21:24:48 +0100 |
| commit | f7ea336cb2bd403bb0bc8ce9ce48479a1427de18 (patch) | |
| tree | 1ea917e3296372ac0d32c9d153df88c1350c99e4 /pkgs/test/check-by-name/README.md | |
| parent | ccf8f3a8fbb0593f91cf59bb813678d805f10004 (diff) | |
workflows/check-by-name.yml: Switch to new separate repo
The nixpkgs-check-by-name tooling is [being moved](https://github.com/NixOS/nixpkgs/issues/286559#issuecomment-2000466124) to a [separate repo](https://github.com/NixOS/nixpkgs-check-by-name). This commit updates Nixpkgs CI to use it instead of the tree inside Nixpkgs No changes have been made to the tooling locally since it was moved: - [Exported history](https://github.com/NixOS/nixpkgs/commits/55bf02190ee57fcf83490fd7b6bf7834e28c9c86/pkgs/test/nixpkgs-check-by-name) - [Imported history](https://github.com/NixOS/nixpkgs-check-by-name/commits/d579e1821d56c79fd90dab34b991cc7bdab7a5c6/)
Diffstat (limited to 'pkgs/test/check-by-name/README.md')
| -rw-r--r-- | pkgs/test/check-by-name/README.md | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/pkgs/test/check-by-name/README.md b/pkgs/test/check-by-name/README.md new file mode 100644 index 0000000000000..c68e7a93b7d0e --- /dev/null +++ b/pkgs/test/check-by-name/README.md @@ -0,0 +1,31 @@ +# `pkgs/by-name` check CI scripts + +This directory contains scripts and files used and related to the CI running the `pkgs/by-name` checks in Nixpkgs. +See also the [CI GitHub Action](../../../.github/workflows/check-by-name.yml). + +## `./run-local.sh BASE_BRANCH [REPOSITORY]` + +Runs the `pkgs/by-name` check on the HEAD commit, closely matching what CI does. + +Note that this can't do exactly the same as CI, +because CI needs to rely on GitHub's server-side Git history to compute the mergeability of PRs before the check can be started. +In turn when running locally, we don't want to have to push commits to test them, +and we can also rely on the local Git history to do the mergeability check. + +Arguments: +- `BASE_BRANCH`: The base branch to use, e.g. master or release-23.11 +- `REPOSITORY`: The repository to fetch the base branch from, defaults to https://github.com/NixOS/nixpkgs.git + +## `./update-pinned-tool.sh` + +Updates the pinned [nixpkgs-check-by-name tool](https://github.com/NixOS/nixpkgs-check-by-name) in [`./pinned-version.txt`](./pinned-version.txt) to the latest [release](https://github.com/NixOS/nixpkgs-check-by-name/releases). +Each release contains a pre-built x86_64-linux version of the tool which is used by CI. + +This script currently needs to be called manually when the CI tooling needs to be updated. + +Why not just build the tooling right from the PRs Nixpkgs version? +- Because it allows CI to check all PRs, even if they would break the CI tooling. +- Because it makes the CI check very fast, since no Nix builds need to be done, even for mass rebuilds. +- Because it improves security, since we don't have to build potentially untrusted code from PRs. + The tool only needs a very minimal Nix evaluation at runtime, which can work with [readonly-mode](https://nixos.org/manual/nix/stable/command-ref/opt-common.html#opt-readonly-mode) and [restrict-eval](https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-restrict-eval). + |