about summary refs log tree commit diff
path: root/.github/workflows/nix-parse.yml
blob: 19f3e8b5fd229bb800dbb36c2242916cfe91e877 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
name: "Check whether nix files are parseable"

permissions: read-all

on:
  # avoids approving first time contributors
  pull_request_target:
    branches-ignore:
      - 'release-**'

jobs:
  tests:
    runs-on: ubuntu-latest
    if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip treewide]')"
    steps:
    - name: Get list of changed files from PR
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      run: |
        gh api \
          repos/NixOS/nixpkgs/pulls/${{github.event.number}}/files --paginate \
          | jq --raw-output '.[] | select(.status != "removed" and (.filename | endswith(".nix"))) | .filename' \
          > "$HOME/changed_files"
        if [[ -s "$HOME/changed_files" ]]; then
          echo "CHANGED_FILES=$HOME/changed_files" > "$GITHUB_ENV"
        fi
    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
      with:
        # pull_request_target checks out the base branch by default
        ref: refs/pull/${{ github.event.pull_request.number }}/merge
      if: ${{ env.CHANGED_FILES && env.CHANGED_FILES != '' }}
    - uses: cachix/install-nix-action@8887e596b4ee1134dae06b98d573bd674693f47c # v26
      with:
        nix_path: nixpkgs=channel:nixpkgs-unstable
    - name: Parse all changed or added nix files
      run: |
        ret=0
        while IFS= read -r file; do
          out="$(nix-instantiate --parse "$file")" || { echo "$out" && ret=1; }
        done < "$HOME/changed_files"
        exit "$ret"
      if: ${{ env.CHANGED_FILES && env.CHANGED_FILES != '' }}