From f652f9ec574235ea55af7f2595ed83cb38cd1720 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 9 Oct 2024 23:11:15 +0200 Subject: [PATCH 1/5] ci/request-reviews: Check the fixed revision instead of the branch Before it was possible to get this sequence: - A commit is pushed, workflow is being started - Another commit is pushed within a couple seconds, another workflow is being started - Both workflows now check the state of the base branch, running the same check twice since the base branch points at the same commit This fixes that problem by making it use the Git hash that actually triggered the event. --- ci/request-reviews/request-reviews.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/ci/request-reviews/request-reviews.sh b/ci/request-reviews/request-reviews.sh index c7f481d464204..76520209f8365 100755 --- a/ci/request-reviews/request-reviews.sh +++ b/ci/request-reviews/request-reviews.sh @@ -36,6 +36,8 @@ prRepo=$(jq -r .head.repo.full_name <<< "$prInfo") log "PR repo: $prRepo" prBranch=$(jq -r .head.ref <<< "$prInfo") log "PR branch: $prBranch" +prRev=$(jq -r .head.sha <<< "$prInfo") +log "PR revision: $prBranch" prAuthor=$(jq -r .user.login <<< "$prInfo") log "PR author: $prAuthor" @@ -60,7 +62,7 @@ git -C "$tmp/nixpkgs.git" config remote.fork.promisor true # This should not conflict with any refs in Nixpkgs headRef=refs/remotes/fork/pr # Only fetch into a remote ref, because the local ref namespace is used by Nixpkgs, don't want any conflicts -git -C "$tmp/nixpkgs.git" fetch --no-tags fork "$prBranch":"$headRef" +git -C "$tmp/nixpkgs.git" fetch --no-tags fork "$prRev":"$headRef" log "Checking correctness of the base branch" if ! "$SCRIPT_DIR"/verify-base-branch.sh "$tmp/nixpkgs.git" "$headRef" "$baseRepo" "$baseBranch" "$prRepo" "$prBranch" | tee "$tmp/invalid-base-error" >&2; then From 516c00a48a02991f2cc6d3ca50fc43eaac0d68f7 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Fri, 4 Oct 2024 02:22:38 +0200 Subject: [PATCH 2/5] Arm --- .github/CODEOWNERS | 391 ------------------------------- .github/OWNERS | 12 +- .github/workflows/codeowners.yml | 11 +- infinisil | 0 infinisil-github-test | 0 infinixbot | 0 multiple | 0 noteam | 0 8 files changed, 10 insertions(+), 404 deletions(-) delete mode 100644 .github/CODEOWNERS create mode 100644 infinisil create mode 100644 infinisil-github-test create mode 100644 infinixbot create mode 100644 multiple create mode 100644 noteam diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index f84abe7fc4b2f..0000000000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,391 +0,0 @@ -# CODEOWNERS file -# -# This file is used to describe who owns what in this repository. This file does not -# replace `meta.maintainers` but is instead used for other things than derivations -# and modules, like documentation, package sets, and other assets. -# -# For documentation on this file, see https://help.github.com/articles/about-codeowners/ -# Mentioned users will get code review requests. -# -# IMPORTANT NOTE: in order to actually get pinged, commit access is required. -# This also holds true for GitHub teams. Since almost none of our teams have write -# permissions, you need to list all members of the team with commit access individually. - -# CI -/.github/workflows @NixOS/Security @Mic92 @zowoq -/.github/workflows/check-nix-format.yml @infinisil -/.github/workflows/nixpkgs-vet.yml @infinisil @philiptaron -/.github/workflows/codeowners.yml @infinisil -/.github/OWNERS @infinisil -/ci @infinisil @philiptaron @NixOS/Security - -# Development support -/.editorconfig @Mic92 @zowoq -/shell.nix @infinisil @NixOS/Security - -# Libraries -/lib @infinisil -/lib/systems @alyssais @ericson2314 -/lib/generators.nix @infinisil @Profpatsch -/lib/cli.nix @infinisil @Profpatsch -/lib/debug.nix @infinisil @Profpatsch -/lib/asserts.nix @infinisil @Profpatsch -/lib/path/* @infinisil -/lib/fileset @infinisil -## Libraries / Module system -/lib/modules.nix @infinisil @roberth -/lib/types.nix @infinisil @roberth -/lib/options.nix @infinisil @roberth -/lib/tests/modules.sh @infinisil @roberth -/lib/tests/modules @infinisil @roberth - -# Nixpkgs Internals -/default.nix @Ericson2314 -/pkgs/top-level/default.nix @Ericson2314 -/pkgs/top-level/impure.nix @Ericson2314 -/pkgs/top-level/stage.nix @Ericson2314 -/pkgs/top-level/splice.nix @Ericson2314 -/pkgs/top-level/release-cross.nix @Ericson2314 -/pkgs/top-level/by-name-overlay.nix @infinisil @philiptaron -/pkgs/stdenv @philiptaron -/pkgs/stdenv/generic @Ericson2314 -/pkgs/stdenv/generic/check-meta.nix @Ericson2314 -/pkgs/stdenv/cross @Ericson2314 -/pkgs/build-support @philiptaron -/pkgs/build-support/cc-wrapper @Ericson2314 -/pkgs/build-support/bintools-wrapper @Ericson2314 -/pkgs/build-support/setup-hooks @Ericson2314 -/pkgs/build-support/setup-hooks/auto-patchelf.sh @layus -/pkgs/build-support/setup-hooks/auto-patchelf.py @layus -/pkgs/pkgs-lib @infinisil -## Format generators/serializers -/pkgs/pkgs-lib/formats/libconfig @h7x4 -/pkgs/pkgs-lib/formats/hocon @h7x4 - -# Nixpkgs build-support -/pkgs/build-support/writers @lassulus @Profpatsch - -# Nixpkgs make-disk-image -/doc/build-helpers/images/makediskimage.section.md @raitobezarius -/nixos/lib/make-disk-image.nix @raitobezarius - -# Nix, the package manager -# @raitobezarius is not "code owner", but is listed here to be notified of changes -# pertaining to the Nix package manager. -# i.e. no authority over those files. -pkgs/tools/package-management/nix/ @NixOS/nix-team @raitobezarius -nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobezarius - -# Nixpkgs documentation -/maintainers/scripts/db-to-md.sh @jtojnar @ryantm -/maintainers/scripts/doc @jtojnar @ryantm - -# Contributor documentation -/CONTRIBUTING.md @infinisil -/.github/PULL_REQUEST_TEMPLATE.md @infinisil -/doc/contributing/ @infinisil -/doc/contributing/contributing-to-documentation.chapter.md @jtojnar @infinisil -/lib/README.md @infinisil -/doc/README.md @infinisil -/nixos/README.md @infinisil -/pkgs/README.md @infinisil -/pkgs/by-name/README.md @infinisil -/maintainers/README.md @infinisil - -# User-facing development documentation -/doc/development.md @infinisil -/doc/development @infinisil - -# NixOS Internals -/nixos/default.nix @infinisil -/nixos/lib/from-env.nix @infinisil -/nixos/lib/eval-config.nix @infinisil -/nixos/modules/system/activation/bootspec.nix @grahamc @cole-h @raitobezarius -/nixos/modules/system/activation/bootspec.cue @grahamc @cole-h @raitobezarius - -# NixOS integration test driver -/nixos/lib/test-driver @tfc - -# NixOS QEMU virtualisation -/nixos/modules/virtualisation/qemu-vm.nix @raitobezarius - -# ACME -/nixos/modules/security/acme @arianvp @flokli @aanderse @emilazy # no merge permission: @m1cr0man - -# Systemd -/nixos/modules/system/boot/systemd.nix @NixOS/systemd -/nixos/modules/system/boot/systemd @NixOS/systemd -/nixos/lib/systemd-*.nix @NixOS/systemd -/pkgs/os-specific/linux/systemd @NixOS/systemd - -# Systemd-boot -/nixos/modules/system/boot/loader/systemd-boot @JulienMalka - -# Images and installer media -/nixos/modules/profiles/installation-device.nix @ElvishJerricco -/nixos/modules/installer/cd-dvd/ @ElvishJerricco -/nixos/modules/installer/sd-card/ - -# Updaters -## update.nix -/maintainers/scripts/update.nix @jtojnar -/maintainers/scripts/update.py @jtojnar -## common-updater-scripts -/pkgs/common-updater/scripts/update-source-version @jtojnar - -# Python-related code and docs -/doc/languages-frameworks/python.section.md @mweinelt @natsukium -/maintainers/scripts/update-python-libraries @natsukium -/pkgs/development/interpreters/python @natsukium -/pkgs/top-level/python-packages.nix @natsukium -/pkgs/top-level/release-python.nix @natsukium - -# Haskell -/doc/languages-frameworks/haskell.section.md @sternenseemann @maralorn -/maintainers/scripts/haskell @sternenseemann @maralorn -/pkgs/development/compilers/ghc @sternenseemann @maralorn -/pkgs/development/haskell-modules @sternenseemann @maralorn -/pkgs/test/haskell @sternenseemann @maralorn -/pkgs/top-level/release-haskell.nix @sternenseemann @maralorn -/pkgs/top-level/haskell-packages.nix @sternenseemann @maralorn - -# Perl -/pkgs/development/interpreters/perl @stigtsp @zakame @marcusramberg -/pkgs/top-level/perl-packages.nix @stigtsp @zakame @marcusramberg -/pkgs/development/perl-modules @stigtsp @zakame @marcusramberg - -# R -/pkgs/applications/science/math/R @jbedo -/pkgs/development/r-modules @jbedo - -# Rust -/pkgs/development/compilers/rust @Mic92 @zowoq @winterqt @figsoda -/pkgs/build-support/rust @zowoq @winterqt @figsoda -/doc/languages-frameworks/rust.section.md @zowoq @winterqt @figsoda - -# C compilers -/pkgs/development/compilers/gcc -/pkgs/development/compilers/llvm @alyssais @RossComputerGuy -/pkgs/development/compilers/emscripten @raitobezarius -/doc/languages-frameworks/emscripten.section.md @raitobezarius - -# Audio -/nixos/modules/services/audio/botamusique.nix @mweinelt -/nixos/modules/services/audio/snapserver.nix @mweinelt -/nixos/tests/botamusique.nix @mweinelt -/nixos/tests/snapcast.nix @mweinelt - -# Browsers -/pkgs/applications/networking/browsers/firefox @mweinelt -/pkgs/applications/networking/browsers/chromium @emilylange -/nixos/tests/chromium.nix @emilylange - -# Certificate Authorities -pkgs/data/misc/cacert/ @ajs124 @lukegb @mweinelt -pkgs/development/libraries/nss/ @ajs124 @lukegb @mweinelt -pkgs/development/python-modules/buildcatrust/ @ajs124 @lukegb @mweinelt - -# Jetbrains -/pkgs/applications/editors/jetbrains @edwtjo - -# Licenses -/lib/licenses.nix @alyssais - -# Qt -/pkgs/development/libraries/qt-5 @K900 @NickCao @SuperSandro2000 @ttuegel -/pkgs/development/libraries/qt-6 @K900 @NickCao @SuperSandro2000 @ttuegel - -# KDE / Plasma 5 -/pkgs/applications/kde @K900 @NickCao @SuperSandro2000 @ttuegel -/pkgs/desktops/plasma-5 @K900 @NickCao @SuperSandro2000 @ttuegel -/pkgs/development/libraries/kde-frameworks @K900 @NickCao @SuperSandro2000 @ttuegel - -# KDE / Plasma 6 -/pkgs/kde @K900 @NickCao @SuperSandro2000 @ttuegel -/maintainers/scripts/kde @K900 @NickCao @SuperSandro2000 @ttuegel - -# PostgreSQL and related stuff -/pkgs/servers/sql/postgresql @thoughtpolice -/nixos/modules/services/databases/postgresql.md @thoughtpolice -/nixos/modules/services/databases/postgresql.nix @thoughtpolice -/nixos/tests/postgresql.nix @thoughtpolice - -# Hardened profile & related modules -/nixos/modules/profiles/hardened.nix @joachifm -/nixos/modules/security/lock-kernel-modules.nix @joachifm -/nixos/modules/security/misc.nix @joachifm -/nixos/tests/hardened.nix @joachifm -/pkgs/os-specific/linux/kernel/hardened/config.nix @joachifm - -# Home Automation -/nixos/modules/services/home-automation/home-assistant.nix @mweinelt -/nixos/modules/services/home-automation/zigbee2mqtt.nix @mweinelt -/nixos/tests/home-assistant.nix @mweinelt -/nixos/tests/zigbee2mqtt.nix @mweinelt -/pkgs/servers/home-assistant @mweinelt -/pkgs/tools/misc/esphome @mweinelt - -# Network Time Daemons -/pkgs/tools/networking/chrony @thoughtpolice -/pkgs/tools/networking/ntp @thoughtpolice -/pkgs/tools/networking/openntpd @thoughtpolice -/nixos/modules/services/networking/ntp @thoughtpolice - -# Network -/pkgs/tools/networking/kea/default.nix @mweinelt -/pkgs/tools/networking/babeld/default.nix @mweinelt -/nixos/modules/services/networking/babeld.nix @mweinelt -/nixos/modules/services/networking/kea.nix @mweinelt -/nixos/modules/services/networking/knot.nix @mweinelt -/nixos/modules/services/monitoring/prometheus/exporters/kea.nix @mweinelt -/nixos/tests/babeld.nix @mweinelt -/nixos/tests/kea.nix @mweinelt -/nixos/tests/knot.nix @mweinelt - -# Web servers -/doc/packages/nginx.section.md @raitobezarius -/pkgs/servers/http/nginx/ @raitobezarius -/nixos/modules/services/web-servers/nginx/ @raitobezarius - -# Dhall -/pkgs/development/dhall-modules @Gabriella439 @Profpatsch @ehmry -/pkgs/development/interpreters/dhall @Gabriella439 @Profpatsch @ehmry - -# Idris -/pkgs/development/idris-modules @Infinisil -/pkgs/development/compilers/idris2 @mattpolzin - -# Bazel -/pkgs/development/tools/build-managers/bazel @Profpatsch - -# NixOS modules for e-mail and dns services -/nixos/modules/services/mail/mailman.nix @peti -/nixos/modules/services/mail/postfix.nix @peti -/nixos/modules/services/networking/bind.nix @peti -/nixos/modules/services/mail/rspamd.nix @peti - -# Emacs -/pkgs/applications/editors/emacs/elisp-packages @adisbladis -/pkgs/applications/editors/emacs @adisbladis -/pkgs/top-level/emacs-packages.nix @adisbladis - -# Kakoune -/pkgs/applications/editors/kakoune @philiptaron - -# Neovim -/pkgs/applications/editors/neovim @figsoda @teto - -# VimPlugins -/pkgs/applications/editors/vim/plugins @figsoda - -# VsCode Extensions -/pkgs/applications/editors/vscode/extensions - -# PHP interpreter, packages, extensions, tests and documentation -/doc/languages-frameworks/php.section.md @aanderse @drupol @globin @ma27 @talyz -/nixos/tests/php @aanderse @drupol @globin @ma27 @talyz -/pkgs/build-support/php/build-pecl.nix @aanderse @drupol @globin @ma27 @talyz -/pkgs/build-support/php @drupol -/pkgs/development/interpreters/php @jtojnar @aanderse @drupol @globin @ma27 @talyz -/pkgs/development/php-packages @aanderse @drupol @globin @ma27 @talyz -/pkgs/top-level/php-packages.nix @jtojnar @aanderse @drupol @globin @ma27 @talyz - -# Docker tools -/pkgs/build-support/docker @roberth -/nixos/tests/docker-tools* @roberth -/doc/build-helpers/images/dockertools.section.md @roberth - -# Blockchains -/pkgs/applications/blockchains @mmahut @RaghavSood - -# Go -/doc/languages-frameworks/go.section.md @kalbasit @katexochen @Mic92 @zowoq -/pkgs/build-support/go @kalbasit @katexochen @Mic92 @zowoq -/pkgs/development/compilers/go @kalbasit @katexochen @Mic92 @zowoq - -# GNOME -/pkgs/desktops/gnome @jtojnar -/pkgs/desktops/gnome/extensions @jtojnar -/pkgs/build-support/make-hardcode-gsettings-patch @jtojnar - -# Cinnamon -/pkgs/by-name/ci/cinnamon-* @mkg20001 -/pkgs/by-name/cj/cjs @mkg20001 -/pkgs/by-name/mu/muffin @mkg20001 -/pkgs/by-name/ne/nemo @mkg20001 -/pkgs/by-name/ne/nemo-* @mkg20001 - -# nim -/pkgs/development/compilers/nim @ehmry - -# terraform providers -/pkgs/applications/networking/cluster/terraform-providers @zowoq - -# Forgejo -nixos/modules/services/misc/forgejo.nix @adamcstephens @bendlas @emilylange -pkgs/by-name/fo/forgejo/ @adamcstephens @bendlas @emilylange - -# Dotnet -/pkgs/build-support/dotnet @corngood -/pkgs/development/compilers/dotnet @corngood -/pkgs/test/dotnet @corngood -/doc/languages-frameworks/dotnet.section.md @corngood - -# Node.js -/pkgs/build-support/node/build-npm-package @winterqt -/pkgs/build-support/node/fetch-npm-deps @winterqt -/doc/languages-frameworks/javascript.section.md @winterqt - -# OCaml -/pkgs/build-support/ocaml @ulrikstrid -/pkgs/development/compilers/ocaml @ulrikstrid -/pkgs/development/ocaml-modules @ulrikstrid - -# ZFS -pkgs/os-specific/linux/zfs/2_1.nix @raitobezarius -pkgs/os-specific/linux/zfs/generic.nix @raitobezarius -nixos/modules/tasks/filesystems/zfs.nix @raitobezarius -nixos/tests/zfs.nix @raitobezarius - -# Zig -/pkgs/development/compilers/zig @figsoda -/doc/hooks/zig.section.md @figsoda - -# Buildbot -nixos/modules/services/continuous-integration/buildbot @Mic92 @zowoq -nixos/tests/buildbot.nix @Mic92 @zowoq -pkgs/development/tools/continuous-integration/buildbot @Mic92 @zowoq - -# Pretix -pkgs/by-name/pr/pretix/ @mweinelt -pkgs/by-name/pr/pretalx/ @mweinelt -nixos/modules/services/web-apps/pretix.nix @mweinelt -nixos/modules/services/web-apps/pretalx.nix @mweinelt -nixos/tests/web-apps/pretix.nix @mweinelt -nixos/tests/web-apps/pretalx.nix @mweinelt - -# incus/lxc -nixos/maintainers/scripts/incus/ @adamcstephens -nixos/modules/virtualisation/incus.nix @adamcstephens -nixos/modules/virtualisation/lxc* @adamcstephens -nixos/tests/incus/ @adamcstephens -pkgs/by-name/in/incus/ @adamcstephens -pkgs/by-name/lx/lxc* @adamcstephens - -# ExpidusOS, Flutter -/pkgs/development/compilers/flutter @RossComputerGuy -/pkgs/desktops/expidus @RossComputerGuy - -# GNU Tar & Zip -/pkgs/tools/archivers/gnutar @RossComputerGuy -/pkgs/tools/archivers/zip @RossComputerGuy - -# SELinux -/pkgs/os-specific/linux/checkpolicy @RossComputerGuy -/pkgs/os-specific/linux/libselinux @RossComputerGuy -/pkgs/os-specific/linux/libsepol @RossComputerGuy - -# installShellFiles -/pkgs/by-name/in/installShellFiles/* @Ericson2314 -/pkgs/test/install-shell-files/* @Ericson2314 -/doc/hooks/installShellFiles.section.md @Ericson2314 diff --git a/.github/OWNERS b/.github/OWNERS index 94f0ef5b6934d..1d73e3b721c0f 100644 --- a/.github/OWNERS +++ b/.github/OWNERS @@ -1,8 +1,3 @@ -# -# Currently unused! Use CODEOWNERS for now, see workflows/codeowners.yml -# -#################### -# # This file is used to describe who owns what in this repository. # Users/teams will get review requests for PRs that change their files. # @@ -17,3 +12,10 @@ # - No reviews will be requested for PRs that target the wrong base branch. # # Processing of this file is implemented in workflows/codeowners.yml + +/infinisil @infinisil +/infinisil-github-test @infinisil-github-test +/noteam @Infinisil-s-Test-Organization/noteam +/infinixbot @infinixbot + +/multiple @infinisil @infinisil-github-test @infinixbot @Infinisil-s-Test-Organization/noteam diff --git a/.github/workflows/codeowners.yml b/.github/workflows/codeowners.yml index 48596356fd743..d22a42bc30110 100644 --- a/.github/workflows/codeowners.yml +++ b/.github/workflows/codeowners.yml @@ -13,14 +13,9 @@ on: types: [opened, ready_for_review, synchronize, reopened, edited] env: - # TODO: Once confirmed that this works by seeing that the action would request - # reviews from the same people (or refuse for wrong base branches), - # move all entries from CODEOWNERS to OWNERS, remove these two lines and uncomment the ones below - OWNERS_FILE: .github/CODEOWNERS - DRY_MODE: 1 - # OWNERS_FILE: .github/OWNERS - # # Don't do anything on draft PRs - # DRY_MODE: ${{ github.event.pull_request.draft && '1' || '' }} + OWNERS_FILE: .github/OWNERS + # Don't do anything on draft PRs + DRY_MODE: ${{ github.event.pull_request.draft && '1' || '' }} jobs: # Check that code owners is valid diff --git a/infinisil b/infinisil new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/infinisil-github-test b/infinisil-github-test new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/infinixbot b/infinixbot new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/multiple b/multiple new file mode 100644 index 0000000000000..e69de29bb2d1d diff --git a/noteam b/noteam new file mode 100644 index 0000000000000..e69de29bb2d1d From 51aad1bada5128d99df9bbd6fb51e8a6339bb89b Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Tue, 8 Oct 2024 22:26:24 +0200 Subject: [PATCH 3/5] Master change --- infinisil-github-test | 2 ++ 1 file changed, 2 insertions(+) diff --git a/infinisil-github-test b/infinisil-github-test index e69de29bb2d1d..3f808fe665dc1 100644 --- a/infinisil-github-test +++ b/infinisil-github-test @@ -0,0 +1,2 @@ + +foo From 94aca0ecba1a5bba33855253a31e36dd99efd91d Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 9 Oct 2024 23:24:03 +0200 Subject: [PATCH 4/5] Update multiple --- multiple | 1 + 1 file changed, 1 insertion(+) diff --git a/multiple b/multiple index e69de29bb2d1d..e48b03ece74f4 100644 --- a/multiple +++ b/multiple @@ -0,0 +1 @@ +foo From 50c47cd880f7f6a2fd6970e04e346df721908518 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 9 Oct 2024 23:24:58 +0200 Subject: [PATCH 5/5] Update multiple --- multiple | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/multiple b/multiple index e48b03ece74f4..d3f5a12faa997 100644 --- a/multiple +++ b/multiple @@ -1 +1 @@ -foo +