From 9b01e09a350a8cb2fc86215bcaa040562e439597 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Wed, 8 Jan 2025 22:01:14 +0100 Subject: [PATCH] workflows: avoid running jobs when editing title etc. We intend to use the edited event to react to base branch changes - but before this change, we also ran those jobs on simple edits like title or description. While this works for some of the quicker jobs, it will not be sustainable for all evaluation-related jobs. But evaluation needs to be re-triggered on a base branch change as well, thus this change. --- .github/workflows/check-format.yml | 1 - .github/workflows/codeowners-v2.yml | 2 +- .github/workflows/edited.yml | 49 +++++++++++++++++++++++++++++ .github/workflows/labels.yml | 1 - .github/workflows/nixpkgs-vet.yml | 5 --- .github/workflows/no-channel.yml | 2 -- 6 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/edited.yml diff --git a/.github/workflows/check-format.yml b/.github/workflows/check-format.yml index ca3da602575b..fe5d43a92b0e 100644 --- a/.github/workflows/check-format.yml +++ b/.github/workflows/check-format.yml @@ -2,7 +2,6 @@ name: Check that files are formatted on: pull_request_target: - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml index 98c769236b22..d8ee183f8bd6 100644 --- a/.github/workflows/codeowners-v2.yml +++ b/.github/workflows/codeowners-v2.yml @@ -24,7 +24,7 @@ name: Codeowners v2 on: pull_request_target: - types: [opened, ready_for_review, synchronize, reopened, edited] + types: [opened, ready_for_review, synchronize, reopened] permissions: {} diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml new file mode 100644 index 000000000000..37b7dc7e53d1 --- /dev/null +++ b/.github/workflows/edited.yml @@ -0,0 +1,49 @@ +# Some workflows depend on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. +# Instead it causes an `edited` event. +# Since `edited` is also triggered when PR title/body is changed, we use this wrapper workflow, to run the other workflows conditionally only. +# There are already feature requests for adding a `base_changed` event: +# - https://github.com/orgs/community/discussions/35058 +# - https://github.com/orgs/community/discussions/64119 +# +# Instead of adding this to each workflow's pull_request_target event, we trigger this in a separate workflow. +# This has the advantage, that we can actually skip running those jobs for simple edits like changing the title or description. +# The actual trigger happens by closing and re-opening the pull request, which triggers the default pull_request_target events. +# This is much simpler and reliable than other approaches. + +name: "Edited base branch" + +on: + pull_request_target: + types: [edited] + +permissions: {} + +jobs: + base: + name: Trigger jobs + runs-on: ubuntu-24.04 + if: github.event.changes.base.ref.from && github.event.changes.base.ref.from != github.event.pull_request.base.ref + steps: + # Use a GitHub App to create the PR so that CI gets triggered + # The App is scoped to Repository > Contents and Pull Requests: write for Nixpkgs + # We only need Pull Requests: write here, but the app is also used for backports. + - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6 + id: app-token + with: + app-id: ${{ vars.NIXPKGS_CI_APP_ID }} + private-key: ${{ secrets.NIXPKGS_CI_APP_PRIVATE_KEY }} + permission-pull-requests: write + + - env: + GH_TOKEN: ${{ steps.app-token.outputs.token }} + REPOSITORY: ${{ github.repository }} + NUMBER: ${{ github.event.number }} + run: | + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=closed" + gh api \ + --method PATCH \ + /repos/"$REPOSITORY"/pulls/"$NUMBER" \ + -f "state=open" diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index e3423ce169f4..630a725dfd9e 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -7,7 +7,6 @@ name: "Label PR" on: pull_request_target: - types: [edited, opened, synchronize, reopened] permissions: contents: read diff --git a/.github/workflows/nixpkgs-vet.yml b/.github/workflows/nixpkgs-vet.yml index 80d6ba0b9aba..137299f2d78e 100644 --- a/.github/workflows/nixpkgs-vet.yml +++ b/.github/workflows/nixpkgs-vet.yml @@ -7,11 +7,6 @@ name: Vet nixpkgs on: pull_request_target: - # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`. - # Instead it causes an `edited` event, so we need to add it explicitly here. - # While `edited` is also triggered when the PR title/body is changed, this PR action is fairly quick, and PRs don't get edited **that** often, so it shouldn't be a problem. - # There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058 - types: [opened, synchronize, reopened, edited] permissions: {} diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml index ce0d50fed15d..53e5587025f9 100644 --- a/.github/workflows/no-channel.yml +++ b/.github/workflows/no-channel.yml @@ -2,8 +2,6 @@ name: "No channel PR" on: pull_request_target: - # Re-run should be triggered when the base branch is updated, instead of silently failing - types: [opened, synchronize, reopened, edited] permissions: {}