mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-11-09 16:18:34 +01:00
c25dd6c655
In fb32eb0f29 we moved the checked-out
worktrees into a `nixpkgs` directory. Update the input descriptions to
reflect this.
97 lines
3.8 KiB
YAML
97 lines
3.8 KiB
YAML
name: Checkout
|
|
|
|
description: 'Checkout into trusted / untrusted / pinned folders consistently.'
|
|
|
|
inputs:
|
|
merged-as-untrusted-at:
|
|
description: "Whether and which SHA to checkout for the merge commit in the ./nixpkgs/untrusted folder."
|
|
target-as-trusted-at:
|
|
description: "Whether and which SHA to checkout for the target commit in the ./nixpkgs/trusted folder."
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
|
|
env:
|
|
MERGED_SHA: ${{ inputs.merged-as-untrusted-at }}
|
|
TARGET_SHA: ${{ inputs.target-as-trusted-at }}
|
|
with:
|
|
script: |
|
|
const { spawn } = require('node:child_process')
|
|
const { join } = require('node:path')
|
|
|
|
async function run(cmd, ...args) {
|
|
return new Promise((resolve, reject) => {
|
|
const proc = spawn(cmd, args, {
|
|
stdio: 'inherit'
|
|
})
|
|
proc.on('close', (code) => {
|
|
if (code === 0) resolve()
|
|
else reject(code)
|
|
})
|
|
})
|
|
}
|
|
|
|
// These are set automatically by the spare checkout for .github/actions.
|
|
// Undo them, otherwise git fetch below will not do anything.
|
|
await run('git', 'config', 'unset', 'remote.origin.promisor')
|
|
await run('git', 'config', 'unset', 'remote.origin.partialclonefilter')
|
|
|
|
// Getting the pinned SHA via API allows us to do one single fetch call for all commits.
|
|
// Otherwise we would have to fetch merged/target first, read pinned, fetch again.
|
|
// A single fetch call comes with a lot less overhead. The fetch takes essentially the
|
|
// same time no matter whether its 1, 2 or 3 commits at once.
|
|
async function getPinnedSha(ref) {
|
|
if (!ref) return undefined
|
|
const { content, encoding } = (await github.rest.repos.getContent({
|
|
...context.repo,
|
|
path: 'ci/pinned.json',
|
|
ref,
|
|
})).data
|
|
const pinned = JSON.parse(Buffer.from(content, encoding).toString())
|
|
return pinned.pins.nixpkgs.revision
|
|
}
|
|
|
|
const commits = [
|
|
{
|
|
sha: process.env.MERGED_SHA,
|
|
path: 'untrusted',
|
|
},
|
|
{
|
|
sha: await getPinnedSha(process.env.MERGED_SHA),
|
|
path: 'untrusted-pinned'
|
|
},
|
|
{
|
|
sha: process.env.TARGET_SHA,
|
|
path: 'trusted',
|
|
},
|
|
{
|
|
sha: await getPinnedSha(process.env.TARGET_SHA),
|
|
path: 'trusted-pinned'
|
|
}
|
|
].filter(({ sha }) => Boolean(sha))
|
|
|
|
console.log('Checking out the following commits:', commits)
|
|
|
|
// Fetching all commits at once is much faster than doing multiple checkouts.
|
|
// This would fail without --refetch, because the we had a partial clone before, but changed it above.
|
|
await run('git', 'fetch', '--depth=1', '--refetch', 'origin', ...(commits.map(({ sha }) => sha)))
|
|
|
|
// Checking out onto tmpfs takes 1s and is faster by at least factor 10x.
|
|
await run('mkdir', 'nixpkgs')
|
|
switch (process.env.RUNNER_OS) {
|
|
case 'macOS':
|
|
await run('sudo', 'mount_tmpfs', 'nixpkgs')
|
|
break
|
|
case 'Linux':
|
|
await run('sudo', 'mount', '-t', 'tmpfs', 'tmpfs', 'nixpkgs')
|
|
break
|
|
}
|
|
|
|
// Create all worktrees in parallel.
|
|
await Promise.all(commits.map(async ({ sha, path }) => {
|
|
await run('git', 'worktree', 'add', join('nixpkgs', path), sha, '--no-checkout')
|
|
await run('git', '-C', join('nixpkgs', path), 'sparse-checkout', 'disable')
|
|
await run('git', '-C', join('nixpkgs', path), 'checkout', '--progress')
|
|
}))
|