From 9b01e09a350a8cb2fc86215bcaa040562e439597 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Wed, 8 Jan 2025 22:01:14 +0100 Subject: [PATCH] workflows: avoid running jobs when editing title etc. We intend to use the edited event to react to base branch changes - but before this change, we also ran those jobs on simple edits like title or description. While this works for some of the quicker jobs, it will not be sustainable for all evaluation-related jobs. But evaluation needs to be re-triggered on a base branch change as well, thus this change. --- .github/workflows/check-format.yml | 1 - .github/workflows/codeowners-v2.yml | 2 +- .github/workflows/edited.yml | 49 +++++++++++++++++++++++++++++ .github/workflows/labels.yml | 1 - .github/workflows/nixpkgs-vet.yml | 5 --- .github/workflows/no-channel.yml | 2 -- 6 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/edited.yml diff --git a/.github/workflows/check-format.yml b/.github/workflows/check-format.yml index ca3da602575b1..fe5d43a92b0e5 100644 --- a/.github/workflows/check-format.yml +++ b/.github/workflows/check-format.yml @@ -2,7 +2,6 @@ name: Check that files are formatted on: pull_request_target: - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 98c769236b221..d8ee183f8bd64 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -24,7 +24,7 @@ name: Codeowners v2 on: pull_request_target: - types: [opened, ready_for_review, synchronize, reopened, edited] + types: [opened, ready_for_review, synchronize, reopened] permissions: {} diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml new file mode 100644 index 0000000000000..37b7dc7e53d12 --- /dev/null +++ b/.github/workflows/edited.yml @@ -0,0 +1,49 @@ +# Some workflows depend on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. +# Instead it causes an `edited` event. +# Since `edited` is also triggered when PR title/body is changed, we use this wrapper workflow, to run the other workflows conditionally only. +# There are already feature requests for adding a `base_changed` event: +# - https://github.com/orgs/community/discussions/35058 +# - https://github.com/orgs/community/discussions/64119 +# +# Instead of adding this to each workflow's pull_request_target event, we trigger this in a separate workflow. +# This has the advantage, that we can actually skip running those jobs for simple edits like changing the title or description. +# The actual trigger happens by closing and re-opening the pull request, which triggers the default pull_request_target events. +# This is much simpler and reliable than other approaches. + +name: "Edited base branch" + +on: + pull_request_target: + types: [edited] + +permissions: {} + +jobs: + base: + name: Trigger jobs + runs-on: ubuntu-24.04 + if: github.event.changes.base.ref.from && github.event.changes.base.ref.from != github.event.pull_request.base.ref + steps: + # Use a GitHub App to create the PR so that CI gets triggered + # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs + # We only need Pull Requests: write here, but the app is also used for backports. + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 + id: app-token + with: + app-id: ${{ vars.NIXPKGS_CI_APP_ID }} + private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} + permission-pull-requests: write + + - env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + REPOSITORY: ${{ github.repository }} + NUMBER: ${{ github.event.number }} + run: | + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=closed" + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=open" diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index e3423ce169f47..630a725dfd9e5 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -7,7 +7,6 @@ name: "Label PR" on: pull_request_target: - types: [edited, opened, synchronize, reopened] permissions: contents: read diff --git a/.github/workflows/nixpkgs-vet.yml b/.github/workflows/nixpkgs-vet.yml index 80d6ba0b9aba0..137299f2d78ec 100644 --- a/.github/workflows/nixpkgs-vet.yml +++ b/.github/workflows/nixpkgs-vet.yml @@ -7,11 +7,6 @@ name: Vet nixpkgs on: pull_request_target: - # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. - # Instead it causes an `edited` event, so we need to add it explicitly here. - # While `edited` is also triggered when the PR title/body is changed, this PR action is fairly quick, and PRs don't get edited **that** often, so it shouldn't be a problem. - # There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058 - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml index ce0d50fed15d6..53e5587025f91 100644 --- a/.github/workflows/no-channel.yml +++ b/.github/workflows/no-channel.yml @@ -2,8 +2,6 @@ name: "No channel PR" on: pull_request_target: - # Re-run should be triggered when the base branch is updated, instead of silently failing - types: [opened, synchronize, reopened, edited] permissions: {}