all-maintainers.nix: init; flake/dev/generate-all-maintainers: init #3525
all-maintainers.nix: init; flake/dev/generate-all-maintainers: init #3525khaneliman merged 3 commits intonix-community:mainfrom
Conversation
khaneliman
force-pushed
the
maintainers
branch
4 times, most recently
from
83e7d6e to
68927a8
Compare
khaneliman
force-pushed
the
maintainers
branch
2 times, most recently
from
1783e39 to
2ecc836
Compare
MattSturgeon
left a comment
MattSturgeon
left a comment
There was a problem hiding this comment.
Initial review from my phone, so I may have missed some wider context.
Looks good!
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
MattSturgeon
left a comment
MattSturgeon
left a comment
There was a problem hiding this comment.
Sorry for dragging this through multiple review rounds. My intention was to give early feedback (earlier) and look in more detail later (now).
I have a few minor nits/questions.
Also I feel like we can further simplify the nix codegen if we can avoid needing to embed comments. I think the simplest way would be to create an attrset that represents the final value and then render that in one go using toPretty. See relevant comment(s).
Also, it'd be nice to have the file out of the top-level directory. E.g. moved to lib/ or generated/.
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
|
I've renamed https://github.com/orgs/nix-community/teams/nixvim-committers Also added "Organization permissions" -> "Members" -> "Read-only" to the |
khaneliman
force-pushed
the
maintainers
branch
13 times, most recently
from
29676d6 to
903047b
Compare
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
flake/dev/generate-all-maintainers/extract-maintainers-meta.nix
Outdated
Show resolved
Hide resolved
khaneliman
force-pushed
the
maintainers
branch
4 times, most recently
from
2869b03 to
3bbcba3
Compare
|
Test run https://github.com/khaneliman/nixvim/actions/runs/16123566518/job/45495054506 I don't have git config setup for PR on fork atm But, should work when the |
|
https://github.com/khaneliman/nixvim/actions/runs/16123952334/job/45496299935 alright, have to capture the output from validation. |
khaneliman
force-pushed
the
maintainers
branch
3 times, most recently
from
2fe8b28 to
1f85434
Compare
|
Alright, after doing some testing https://github.com/khaneliman/nixvim/actions/runs/16126857467 I made it work better with existing PRs |
MattSturgeon
left a comment
MattSturgeon
left a comment
There was a problem hiding this comment.
No issues with the diff from me. And I trust your testing process.
Minor comments below, all either trivial or subjective. They can all be ignored if preferred.
| } | ||
| } | ||
| } | ||
| ' | jq --raw-output ' |
There was a problem hiding this comment.
FYI gh api also has a --jq flag:
| ' | jq --raw-output ' | |
| ' --jq ' |
Sometimes it's still worth it to pipe to jq though, e.g. if you want to use --exit-status to trigger a failure if the jq query doesn't match the input JSON.
We use a similar graphql query elsewhere, but one issue I'm now spotting is that headRefName could also match PRs on forks that use the same branch name... I don't see an obvious quick fix in the graphql explorer, and the issue applies to both places, so this is fine for now.
Used to generate a full maintainers.nix file that can be used for RFC39 invites. We will use these invites to support requesting reviews from maintainers.
Used to keep the maintainers list updated used for RFC39 invites.
| update-maintainers: | ||
| runs-on: ubuntu-latest | ||
| if: github.repository_owner == 'nix-community' || github.event_name == 'workflow_dispatch' | ||
| # Permissions required for workflow |
There was a problem hiding this comment.
Nit: this makes it sound like this is the canonical place where the permissions are defined. However we actually have them in two places, and this is the less important of the two since it is only used on forks that don't have an APP_ID.
There was a problem hiding this comment.
Not sure why this would be less important? These are required for a token to get generated with permissions required, the others are just to limit the scope of permissions granted to an app.
There was a problem hiding this comment.
These dictate the permissions of github.token and are entirely unrelated to the app token.
I said they're less important because github.token is only used when there's no app token.
There was a problem hiding this comment.
These dictate the permissions of github.token and are entirely unrelated to the app token.
the others are just to limit the scope of permissions granted to an app.
Understood, as part of previous response.
Guess its differing opinion on what's important. I think declaring the app token permissions as less because they are optional for functionality. But, the app token permissions are just a couple lines lower with the exact same naming convention and didn't think it warranted copy/paste for same explanation.
4 participants
Copying implementation from nix-community/home-manager#7350 with tweaks to work in nixvim. nix-community/infra#1837