Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: add no-channel check #109543

Merged
merged 2 commits into from Jul 21, 2021
Merged

ci: add no-channel check #109543

merged 2 commits into from Jul 21, 2021

Conversation

zimbatm
Copy link
Member

@zimbatm zimbatm commented Jan 16, 2021
edited

Motivation for this change

Somebody merged a change in nixos-20.09. See #109384

Proposal

This is a proposal to prevent such issues in the future.

  1. Add a CI check that always fails, that contains an explanation.
  2. Configure nixpkgs to require this CI status to pass on the protected branches.

Here is how the error looks like:

image

And the branch protection change that would be put in place:
image

@Mic92
Copy link
Member

Mic92 commented Jan 16, 2021

I assume CI is needed because there is no different way to prevent people from pushing to these branches?

@SuperSandro2000
Copy link
Member

SuperSandro2000 commented Jan 16, 2021
edited

I assume CI is needed because there is no different way to prevent people from pushing to these branches?

I think admins ignore the branch protection.

@zowoq
Copy link
Contributor

zowoq commented Jan 16, 2021
edited

NixOS/ofborg#546 does similar to this with ofborg but I think this is better as we can "require" it which isn't possible with the ofborg check.

Being able to "require" ofborg checks has been mentioned previously but AFAIK there hasn't been anything since #87853 (comment).

@Mic92
Copy link
Member

Mic92 commented Jan 17, 2021

NixOS/ofborg#546 does similar to this with ofborg but I think this is better as we can "require" it which isn't possible with the ofborg check.

Being able to "require" ofborg checks has been mentioned previously but AFAIK there hasn't been anything since #87853 (comment).

I think the major concern there was that if ofborg would be not available the whole nixpkgs development would break. There are probably less concerns with github actions as there is a dedicated team with pager duty.

@zimbatm @cole-h
Update .github/workflows/no-channel.yml
531273c 
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
@cole-h cole-h mentioned this pull request Jan 20, 2021
Merged
@primeos primeos mentioned this pull request May 3, 2021
Open
@stale
Copy link

stale bot commented Jul 21, 2021

I marked this as stale due to inactivity. → More info

@stale stale bot added the 2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md label Jul 21, 2021
@zimbatm zimbatm merged commit b8297c0 into master Jul 21, 2021
@zimbatm zimbatm deleted the ci-no-channel branch July 21, 2021 06:22
zimbatm added a commit to zimbatm/nixpkgs that referenced this pull request Jul 21, 2021
@zimbatm
ci: add no-channel check (NixOS#109543)
b281acf 
* ci: add no-channel check

* Update .github/workflows/no-channel.yml

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
(cherry picked from commit b8297c0)
@zimbatm
Copy link
Member Author

zimbatm commented Jul 21, 2021

Tested and #130906 works as expected

@primeos primeos mentioned this pull request Jul 21, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cole-h cole-h cole-h left review comments

@Mic92 Mic92 Mic92 approved these changes

@zowoq zowoq Awaiting requested review from zowoq zowoq is a code owner

Assignees
No one assigned
Labels
2.status: stale https://github.com/NixOS/nixpkgs/blob/master/.github/STALE-BOT.md 6.topic: policy discussion 10.rebuild-darwin: 0 10.rebuild-linux: 0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@zimbatm @Mic92 @SuperSandro2000 @zowoq @cole-h