workflow/labels: switch to a scheduled trigger#416808
workflow/labels: switch to a scheduled trigger#416808philiptaron merged 2 commits intoNixOS:masterfrom
Conversation
nix-owners
bot
requested review from
LeSuisse,
Mic92,
azuwis,
infinisil,
mweinelt,
risicle and
zowoq
github-actions
bot
added
10.rebuild-darwin: 0
philiptaron
left a comment
philiptaron
left a comment
There was a problem hiding this comment.
That's fewer changes than I suspected would be needed.
MattSturgeon
left a comment
MattSturgeon
left a comment
There was a problem hiding this comment.
My JavaScript is feeling rusty and I haven't really internalized this workflow yet. But here's my initial feedback 🙂
Depending on how long the job normally runs we can adjust the frequency.
I suspect that given how many PR events nixpkgs gets, more or less any value will still be an improvement, even ridiculously small intervals like running every few minutes. Although in reality such short intervals would likely run into issues with concurrency* and/or cancellation.
Depending on how long the workflow actually takes to run, maybe the interval should be some multiplier of a typical run length? E.g. 2x or 3x average run?
*Speaking of concurrency, this makes me wonder if we should use a non-cancelling concurrency group for the scheduled runs, so that if we ever did get a scenario where a run is still going when the next one is scheduled, the next one will wait in the queue while the first continues.
wolfgangwalther
force-pushed
the
ci-scheduled-approvals
branch
from
7389593 to
a2c0033
Compare
wolfgangwalther
left a comment
wolfgangwalther
left a comment
There was a problem hiding this comment.
Thanks for the great, detailed feedback, so far!
This.. makes a lot of sense, yes. I pushed a fixup that we can discuss. Does this roughly make sense? |
wolfgangwalther
force-pushed
the
ci-scheduled-approvals
branch
2 times, most recently
from
caa1516 to
7314661
Compare
Instead of relying on workflow_run events, we now trigger the labeling workflow by schedule. This avoids all permission/secrets problems of running in the pull_request_review context - and also gets rid of the "waiting for approval to run workflows" button for new contributors that sometimes comes up right now. Also, it's more efficient. Previously, the labeling workflow would run on *any* pull_request_review event, which happens for all comments, too. So quite a few runs. This will cause a delay of up to 1 hour with the current settings until approval labels are set. Depending on how long the job normally runs we can adjust the frequency. The workflow is written in a way that will work no matter what the frequency ends up being, even when it's interrupted by transient GHA failures: It will always look at all PRs which were updated since the last time the workflow ran successfully. We also add the ability to run it manually via UI. This is useful: - When fixing bugs in the labeler workflow to run it all the way back to where the bug was introduced. - When introducing new labels, to get a head start for a reasonable amount of PRs immediately. Of course, the workflow is also still run directly after Eval itself. This is also the only case that the actions/labeler steps will run, since they depend on the `pull_request` context.
With the previous commit we now have the `before` labels available already, which allows some simplification.
wolfgangwalther
force-pushed
the
ci-scheduled-approvals
branch
from
7314661 to
4d53700
Compare
philiptaron
left a comment
philiptaron
left a comment
There was a problem hiding this comment.
Let's give it a go. To @MattSturgeon's point about running more frequently, I agree that's the likely next PR, and it's as simple as going from 37 * * * * to 7,22,37,52 * * * *.
|
Successfully created backport PR for |
|
Successfully created backport PR for |
github-actions
bot
added
the
8.has: port to stable
|
I manually triggered a run and it says: https://github.com/NixOS/nixpkgs/actions/runs/15681062125/job/44172374668 Let's see what I did wrong. |
|
Missing comma in: 🙈 |
|
Still fails after this fix with something more obscure: https://github.com/NixOS/nixpkgs/actions/runs/15681261596/job/44173012211 Will see whether that affects all PRs or just the scheduled job. If it affects all PRs, we might want to revert. If it only affects the scheduled run and maybe a specific PR, we can keep it in. Looks like it might be specific about a certain PR. |
PRs are now passing again, so I'll keep it as is and investigate further for which PR exactly it breaks down. |
Can we debug by adding some I only see two calls to |
|
I think the best way would be to:
I'll try to set it up this way. |
|
Not sure how to add more context nicely... but it wouldn't really help in this specific case. The problem is simple and stupid: All PRs download their artifacts to the exact same location This means they overwrite each other and just happen to be reading an incomplete file while it's being saved. |
|
Nice! Looks like
We should be able to use this to specify a unique name. |
|
Yes - we use that already. I just copied the hardcoded |
|
After the second round of fixes the first manually triggered run was successful: https://github.com/NixOS/nixpkgs/actions/runs/15684644647/job/44184623606 It went through 34 PRs in 7 seconds. Installing the dependency.. takes 22 seconds compared to that. Also confirmed in #417251 that it actually works and adds some labels.
Let's wait for a scheduled run to go off, but yes, this should be easily doable. Maybe even more. |
3 participants
This came out of the after-merge discussion in #415259.
Instead of relying on
workflow_runevents, we now trigger the labeling workflow by schedule. This avoids all permission/secrets problems of running in thepull_request_reviewcontext - and also gets rid of the "waiting for approval to run workflows" button for new contributors that sometimes comes up right now.Also, it's more efficient. Previously, the labeling workflow would run on any
pull_request_reviewevent, which happens for all comments, too. So quite a few runs.This will cause a delay of up to 1 hour with the current settings until approval labels are set. Depending on how long the job normally runs we can adjust the frequency. The workflow is written in a way that will work no matter what the frequency ends up being, even when it's interrupted by transient GHA failures: It will always look at all PRs which were updated since the last time the workflow ran successfully.
We also add the ability to run it manually via UI. This is useful:
Of course, the workflow is also still run directly after Eval itself. This is also the only case that the actions/labeler steps will run, since they depend on the
pull_requestcontext.As a side-effect this also handles #416719 better. I wouldn't close it with that, because old PRs are not labeled correctly, yet. But at least the job should not fail anymore.
Things done
Of course, the interesting question will be how this behaves at the scale of Nixpkgs, compared to my lonely fork.
Add a 👍 reaction to pull requests you find important.