From 042d2e6417955834abf69920bfe066a07ba26f07 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Wed, 8 Jan 2025 22:01:14 +0100 Subject: [PATCH] workflows: avoid running jobs when editing title etc. We intend to use the edited event to react to base branch changes - but before this change, we also ran those jobs on simple edits like title or description. While this works for some of the quicker jobs, it will not be sustainable for all evaluation-related jobs. But evaluation needs to be re-triggered on a base branch change as well, thus this change. (cherry picked from commit 9b01e09a350a8cb2fc86215bcaa040562e439597) --- .github/workflows/check-format.yml | 1 - .github/workflows/codeowners-v2.yml | 2 +- .github/workflows/edited.yml | 49 +++++++++++++++++++++++++++++ .github/workflows/labels.yml | 1 - .github/workflows/nixpkgs-vet.yml | 5 --- .github/workflows/no-channel.yml | 2 -- 6 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/edited.yml diff --git a/.github/workflows/check-format.yml b/.github/workflows/check-format.yml index 01312cd8f170f..cdc0176b2671f 100644 --- a/.github/workflows/check-format.yml +++ b/.github/workflows/check-format.yml @@ -5,7 +5,6 @@ on: paths: - .github/workflows/check-format.yml pull_request_target: - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 28b0ef43d5ac3..16bfd417cb7fe 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -27,7 +27,7 @@ on: paths: - .github/workflows/codeowners-v2.yml pull_request_target: - types: [opened, ready_for_review, synchronize, reopened, edited] + types: [opened, ready_for_review, synchronize, reopened] permissions: {} diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml new file mode 100644 index 0000000000000..37b7dc7e53d12 --- /dev/null +++ b/.github/workflows/edited.yml @@ -0,0 +1,49 @@ +# Some workflows depend on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. +# Instead it causes an `edited` event. +# Since `edited` is also triggered when PR title/body is changed, we use this wrapper workflow, to run the other workflows conditionally only. +# There are already feature requests for adding a `base_changed` event: +# - https://github.com/orgs/community/discussions/35058 +# - https://github.com/orgs/community/discussions/64119 +# +# Instead of adding this to each workflow's pull_request_target event, we trigger this in a separate workflow. +# This has the advantage, that we can actually skip running those jobs for simple edits like changing the title or description. +# The actual trigger happens by closing and re-opening the pull request, which triggers the default pull_request_target events. +# This is much simpler and reliable than other approaches. + +name: "Edited base branch" + +on: + pull_request_target: + types: [edited] + +permissions: {} + +jobs: + base: + name: Trigger jobs + runs-on: ubuntu-24.04 + if: github.event.changes.base.ref.from && github.event.changes.base.ref.from != github.event.pull_request.base.ref + steps: + # Use a GitHub App to create the PR so that CI gets triggered + # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs + # We only need Pull Requests: write here, but the app is also used for backports. + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 + id: app-token + with: + app-id: ${{ vars.NIXPKGS_CI_APP_ID }} + private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} + permission-pull-requests: write + + - env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + REPOSITORY: ${{ github.repository }} + NUMBER: ${{ github.event.number }} + run: | + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=closed" + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=open" diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index d183985f07085..05fbb691d488e 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -7,7 +7,6 @@ name: "Label PR" on: pull_request_target: - types: [edited, opened, synchronize, reopened] permissions: contents: read diff --git a/.github/workflows/nixpkgs-vet.yml b/.github/workflows/nixpkgs-vet.yml index b9f9fd2c56f67..160bc27697e8b 100644 --- a/.github/workflows/nixpkgs-vet.yml +++ b/.github/workflows/nixpkgs-vet.yml @@ -10,11 +10,6 @@ on: paths: - .github/workflows/nixpkgs-vet.yml pull_request_target: - # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. - # Instead it causes an `edited` event, so we need to add it explicitly here. - # While `edited` is also triggered when the PR title/body is changed, this PR action is fairly quick, and PRs don't get edited **that** often, so it shouldn't be a problem. - # There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058 - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml index ee305a12d61b1..9371f9b44f131 100644 --- a/.github/workflows/no-channel.yml +++ b/.github/workflows/no-channel.yml @@ -5,8 +5,6 @@ on: paths: - .github/workflows/no-channel.yml pull_request_target: - # Re-run should be triggered when the base branch is updated, instead of silently failing - types: [opened, synchronize, reopened, edited] permissions: {}