workflows: Install NSIS via chocolatey

[cosmo0920]

This is because windows-2025 GHA runner is gradually rolling out so we need to install NSIS explicitly if we use it in our CI.

---

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

• Example configuration file for the change
• Debug log output from testing the change

• Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

• Run local packaging test showing all targets (including any new ones) build.
• Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

• Documentation required for this feature

Backporting

• Backport to latest stable release.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Chores
  • Updated Windows CI workflow to install both gzip and NSIS.
  • Ensures necessary tools are available during automated Windows builds.
  • Affects the build pipeline only; no changes to app features or interfaces.
  • Improves consistency of the Windows build environment across executions.
  • No action required for users or developers running the app.

[coderabbitai]

Walkthrough

GitHub Actions Windows build workflow updated to install both gzip and NSIS via Chocolatey in a single step; only the step name and install arguments changed.

Changes

Cohort / File(s)	Summary
GitHub Actions CI \.github/workflows/call-build-windows.yaml	Renamed step to indicate NSIS; changed Chocolatey command from install gzip -y to install gzip nsis -y to add NSIS installation.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

ok-package-test

Suggested reviewers

• niedbalski
• patrick-stephens
• celalettin1286

Pre-merge checks (3 passed)

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The title succinctly and accurately summarizes the primary change of explicitly installing NSIS via Chocolatey in the GitHub Actions workflow, providing clear context for reviewers without unnecessary detail.
Description Check	✅ Passed	The description clearly explains the rationale for explicitly installing NSIS due to the rollout of the windows-2025 GitHub Actions runner and relates directly to the changes in the workflow file.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

Poem

Hop-hop, a build I grace,
With gzip packed and NSIS in place.
In Windows burrow, scripts align,
Chocolatey treats—how sublime! 🍫
Now installers bloom, swift and neat—
Thump-thump—another tidy feat. 🐇

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
      - name: "Undocumented Breaking Changes"
        mode: "warning"
        instructions: |
          Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).

Please share your feedback with us on this Discord post.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch cosmo0920-add-nsis-via-chocolatey

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

.github/workflows/call-build-windows.yaml (1)

126-130: Install NSIS is good; consider pinning and quieter installs, plus a sanity check.

• To avoid future breakage, pin NSIS (and optionally keep gzip floating) and make installs less noisy.
• Add a quick validation to fail fast if makensis isn’t on PATH.

Apply either of these diffs:

Option A: Keep single step, quieter output (no pin):

-      - name: Get gzip command and nsis w/ chocolatey
+      - name: Install gzip and NSIS via Chocolatey
         uses: crazy-max/ghaction-chocolatey@v3
         with:
-          args: install gzip nsis -y
+          args: install gzip nsis -y --no-progress --limit-output

Option B: Split and pin only NSIS:

-      - name: Get gzip command and nsis w/ chocolatey
-        uses: crazy-max/ghaction-chocolatey@v3
-        with:
-          args: install gzip nsis -y
+      - name: Install gzip via Chocolatey
+        uses: crazy-max/ghaction-chocolatey@v3
+        with:
+          args: install gzip -y --no-progress --limit-output
+
+      - name: Install NSIS via Chocolatey (pinned)
+        uses: crazy-max/ghaction-chocolatey@v3
+        with:
+          args: install nsis --version 3.10 -y --no-progress --limit-output

Then add this check right after to verify availability:

- name: Verify NSIS is available
  run: makensis /VERSION
  shell: pwsh

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 78806eb and a79f720.

📒 Files selected for processing (1)

• .github/workflows/call-build-windows.yaml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)

• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)

[cosmo0920]

The manually kicking CI results are here:
https://github.com/fluent/fluent-bit/actions/runs/17579236467