Winter
65bb095948
ci: fix issues found by zizmor
...
Co-authored-by: Thomas Gerbet <thomas@gerbet.me>
2025-10-26 20:19:08 +01:00
Maximilian Bosch
9f95c2ace2
linux: new workflow for kernel changes
...
See https://github.com/NixOS/nixpkgs/issues/437208#issuecomment-3288623669
Depends on https://github.com/NixOS/org/pull/172
As documented below, the idea is to essentially group all changes
rebuilding all VM tests with kernel updates and merge them together into
`master` whenever the Linux kernels get updated.
This documents the workflow of updates in the nixpkgs manual. While at
it, I removed the README from the packages because
* it's horribly outdated
* I didn't even know it exists which confirms that its discoverability
was very poor
and added the relevant portions into the nixpkgs manual as well.
2025-10-05 22:59:25 +02:00
Wolfgang Walther
66981875e8
treewide: run yamlfmt
...
This applies changes from running yamlfmt with the `retain_line_breaks`
formatting option enabled.
2025-06-12 14:46:42 +02:00
Wolfgang Walther
0f5e504f9e
workflows: use bash shell explicitly
...
This forces better error handling as described in [1].
Without this change, bash would *not* run with `-o pipefail`, which
means some errors go unnoticed. By naming `bash` explicitly, `-o
pipefail` is enabled.
1:
https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#defaultsrunshell
2025-06-10 21:59:37 +02:00
Wolfgang Walther
38169112e8
workflows/periodic-merge: set custom name for haskell-updates merge
...
The simple name can lead to confusion. Adding an explicit override to
make it more clear.
2025-05-17 14:59:30 +02:00
John Titor
38ebbf7c4f
workflows/periodic-merges: explicitly inherit the secrets
...
Apparently since we are callling a reusable workflow here, we need to explicitly pass the secrets. :(
2025-01-15 11:04:30 +05:30
John Titor
6ab6314d06
workflows/periodic-merges: use nixpkgs-ci's token
2025-01-15 10:29:29 +05:30
Wolfgang Walther
d725592cd1
workflows/periodic-merge: move fork condition to calling workflow
...
Apparently the skipping needs to happen on the calling workflow,
otherwise those workflows show up as "failed" in forks instead of
skipped.
2025-01-12 13:41:05 +01:00
Wolfgang Walther
51b8ad2191
workflows/periodic-merge: create re-usable workflow
...
Less repetition, more consistency.
2025-01-10 18:36:22 +01:00
Wolfgang Walther
88afad8833
workflows: basic consistency in formatting workflows
...
Same top-level ordering of keys / empty lines and same indentation for
yaml lists. One blank line between each step.
Makes it easier to read and compare the workflows.
2025-01-09 21:29:41 +01:00
NAHO
fcfbe6fff4
workflows: update Ubuntu runner to ubuntu-24.04
...
Link: https://github.com/actions/runner-images/issues/10636
2025-01-05 00:18:58 +01:00
NAHO
2660dd1e71
workflows: lock Ubuntu runner to ubuntu-22.04
...
Lock the Ubuntu runner to ubuntu-22.04 to avoid accidental updates [1]
and increase reproducibility.
[1]: https://github.com/actions/runner-images/issues/10636
2025-01-05 00:18:57 +01:00
dependabot[bot]
6baeff261f
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](eef61447b9...11bd71901b
2024-10-28 11:50:56 +00:00
dependabot[bot]
f3143a7eda
build(deps): bump actions/checkout from 4.2.0 to 4.2.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9
2024-10-14 11:35:32 +00:00
dependabot[bot]
b93144cbc0
build(deps): bump actions/checkout from 4.1.7 to 4.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-09-30 12:02:46 +00:00
dependabot[bot]
d14441cfe1
build(deps): bump actions/checkout from 4.1.5 to 4.1.7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...692973e3d9
2024-06-29 22:01:52 +00:00
dependabot[bot]
9f4ea63603
build(deps): bump actions/checkout from 4.1.4 to 4.1.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-13 11:43:41 +00:00
dependabot[bot]
c3ce4079d7
build(deps): bump actions/checkout from 4.1.3 to 4.1.4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1d96c772d1...0ad4b8fada
2024-04-29 11:45:13 +00:00
dependabot[bot]
6bc4e63f5f
build(deps): bump actions/checkout from 4.1.1 to 4.1.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...1d96c772d19495a3b5c517cd2bc0cb401ea0529f )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-22 11:31:52 +00:00
dependabot[bot]
677b0f82c7
build(deps): bump actions/checkout from 4.1.1 to 4.1.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-18 11:50:32 +00:00
dependabot[bot]
55aa362927
build(deps): bump peter-evans/create-or-update-comment
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment ) from 3.1.0 to 4.0.0.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases )
- [Commits](23ff15729e...71345be026
2024-01-29 11:48:14 +00:00
Martin Weinelt
13a5743c44
workflows/periodic-merge: allow manual dispatch
...
Currently there is an eval fix on master and waiting five hours for it
to propagate into staging-next and staging is annoyingly long.
2023-12-02 21:52:46 +01:00
Victor Engmark
4177297b14
ci: pin third party actions
...
For reproducibility.
Command:
```shell
for file in .github/workflows/*.y*ml; do
npx pin-github-action --comment=' {ref}' "$file"
done
```
Then had to manually replace all the versions with accurate specifiers
(for example, "v4" → "v4.1.1" in case of `actions/checkout`).
2023-11-29 09:51:22 +01:00
dependabot[bot]
9a70b1e242
build(deps): bump actions/checkout from 3 to 4
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 13:55:35 +02:00
dependabot[bot]
5e73ac2b7d
build(deps): bump peter-evans/create-or-update-comment from 2 to 3
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment ) from 2 to 3.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases )
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-11 07:54:37 +10:00
zowoq
bbe49339b8
.github/workflows: fix permissions
...
the merge actions comment on pull requests, seems this was broken by 2c71278a23
2022-09-12 15:34:35 +10:00
Varun Sharma
2c71278a23
ci: Add GitHub token permissions for workflows
...
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-07-08 10:53:38 -07:00
dependabot[bot]
180dada3ed
build(deps): bump peter-evans/create-or-update-comment from 1 to 2
...
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment ) from 1 to 2.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases )
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:23:37 +01:00
dependabot[bot]
3f2c2d0afa
build(deps): bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
2022-03-02 05:13:13 +01:00
Martin Weinelt
8b77d991b6
.github/workflows/periodic-merge: move stable merges to 24h cycle
2021-10-05 20:53:53 +02:00
dependabot[bot]
05a5144fa9
build(deps): bump devmasx/merge-branch from 1.3.1 to 1.4.0
...
Bumps [devmasx/merge-branch](https://github.com/devmasx/merge-branch ) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/devmasx/merge-branch/releases )
- [Changelog](https://github.com/devmasx/merge-branch/blob/master/CHANGELOG.md )
- [Commits](https://github.com/devmasx/merge-branch/compare/v1.3.1...1.4.0 )
---
updated-dependencies:
- dependency-name: devmasx/merge-branch
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 07:08:00 +10:00
Malte Brandy
4acf281f00
.github/workflows/periodic-merge-*: Tiny improvements
2021-07-01 00:44:37 +02:00
Martin Weinelt
3f40ca48bc
.github/workflows/periodic-merge: generalize from merge-staging
...
By generalizing the previous merge-staging action we can support a large
number of branch pairs that need to be merged periodically.
Provide two intervals, daily and every six hours, to accomodate
different needs.
Co-Authored-By: Malte Brandy <malte.brandy@maralorn.de>
2021-06-30 22:42:16 +02:00
