Commit graph

132 commits

Author SHA1 Message Date
zowoq d3270d6b32 .github/workflows/update-terraform-providers.yml: add nixpkgs-unstable for nix-shell
nix_path was removed from the update scripts in 3e63fa279f
2022-09-21 14:43:03 +10:00
zowoq 5fabd2ba5a .github/workflows/update-terraform-providers.yml: disable scheduled update
try nixpkgs-update with passthru.updateScript
2022-09-15 06:00:33 +10:00
zowoq bbe49339b8 .github/workflows: fix permissions
the merge actions comment on pull requests, seems this was broken by 2c71278a23

also:
- fix permissions on new manual rendering action
- drop unnecessary issues permission from the terraform action
2022-09-12 15:34:35 +10:00
pennae fc6f0ea188 workflows: fix manual-rendering.yml
the check command didn't set NIX_PATH, so compare-manuals.sh (which is a nix-shell script) failed.
2022-09-11 13:14:44 +10:00
pennae c45deeb2aa workflows: add check for docbook/md manual equality
we want to make sure that rendering the manual from markdown without
going through docbook produces (semantically) the same output as with
going through docbook. to ensure this we'll build the manual twice, run
each manual through html-tidy to generate a normalized form and diff
the normalized forms. we don't want to compare raw output because that
exposes us to a lot of whitespace we'd have to reproduce exactly in the
MD render.

this check may be relaxed even further in the future, but hopefully not
by much.
2022-09-10 18:23:13 +02:00
pennae ec75c8efff workflows: check that nixos manual does not use docbook option docs
the nixos manual should not use docbook for module option documentation,
only markdown, to make future transition to a markdown-only world easier
and less painful. this check will ensure that all options
documentation (even plain text that would not be interpreted specially
by either markdown or docbook) is declared as being markdown.
2022-09-10 18:23:13 +02:00
zowoq 25b464c8b3
terraform-full: remove (#184649)
* terraform-full: remove

* .github/workflows/update-terraform-providers.yml: switch to terraform.full
2022-08-02 19:45:05 +02:00
Winter 3707cc5a0d
Revert "backport-action: 0.0.5 -> 0.0.8" 2022-07-24 23:30:11 -04:00
Winter fee30801b2 backport-action: 0.0.5 -> 0.0.8 2022-07-24 13:20:39 -04:00
github-actions[bot] 33be3debd5 terraform-providers: update 2022-07-10 2022-07-10 16:20:44 +10:00
Varun Sharma 2c71278a23 ci: Add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-07-08 10:53:38 -07:00
Robert Hensing 3a27c40463 workflows/nixos-manual: Add command to run to error message 2022-07-06 07:32:17 +02:00
Janne Heß 8befefd1a7
workflows: Remove 21.11 merges
Channel is EOL
2022-07-04 20:04:17 +02:00
nathannaveen 5deff9583c chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-04 01:09:50 +00:00
Janne Heß e728029b30
workflows: Replace 21.05 with 22.05 2022-05-23 19:57:42 +02:00
dependabot[bot] 646ed065e5 build(deps): bump peter-evans/create-pull-request from 3 to 4
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)
2022-04-29 17:58:49 +10:00
zowoq c19e9b776d .github/workflows/update-terraform-providers.yml: minor fixes
- simplify comment
- move `ofborg` command into block for clickable copying
2022-04-28 08:13:24 +10:00
dependabot[bot] 23e9e781e2 build(deps): bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 17:59:26 +10:00
Artturin 36c36411b8 .github/workflows/basic-eval.yml: only run if manually triggered
ofborg should have obsoleted this with https://github.com/NixOS/ofborg/pull/588#issuecomment-1078451552
https://github.com/NixOS/nixpkgs/pull/166599#issuecomment-1085069938

this is still useful to have around for act usage
2022-04-01 09:48:20 +03:00
Sandro 319145c9dc
Merge pull request #165397 from Mic92/create-or-update-comment 2022-03-27 12:12:23 +02:00
dependabot[bot] 1f161a57c2 build(deps): bump peter-evans/commit-comment from 1 to 2
Bumps [peter-evans/commit-comment](https://github.com/peter-evans/commit-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/commit-comment/releases)
- [Commits](https://github.com/peter-evans/commit-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/commit-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:24:13 +01:00
dependabot[bot] 180dada3ed build(deps): bump peter-evans/create-or-update-comment from 1 to 2
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:23:37 +01:00
Jörg Thalheim 92a720cbac ci: add warning to actions with writeable GITHUB_TOKEN
Co-authored-by: ckie <25263210+ckiee@users.noreply.github.com>
2022-03-21 08:54:42 +01:00
zowoq 1d41af9bc9 .github/workflows/basic-eval.yml: add cachix cache
Avoids rebuilding nix in every PR if it hasn't been built on hydra yet.
2022-03-14 08:12:25 +10:00
zowoq 65268fe99a .github/workflows: update cachix cache comment 2022-03-14 08:12:24 +10:00
Jörg Thalheim a385dd1ae3
Merge pull request #162450 from Mic92/actions-labeler
build(deps): bump actions/labeler from 3 to 4
2022-03-02 04:57:15 +00:00
dependabot[bot] 3f2c2d0afa
build(deps): bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
2022-03-02 05:13:13 +01:00
dependabot[bot] e07220a5ad
build(deps): bump actions/labeler from 3 to 4
Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v3...v4)
2022-03-02 05:08:31 +01:00
zowoq 215002fb9f terraform-providers: update scripts
- add flag to skip building updated providers
- have the github action skip building providers so we don't need to handle build failures in the script
- remove outdated `vendor` flag, all providers use `buildGoModule`
2022-02-07 12:02:36 +10:00
zowoq fc7fb0d528 .github/workflows/update-terraform-providers.yml: minor fixes
- change ofborg command into a comment
- use WIP label instead of draft so codeowner notification works
2022-01-04 18:18:48 +10:00
zowoq bcd238a027 .github/workflows/update-terraform-providers.yml: init
weekly update of terraform providers which can also be run manually
2022-01-04 11:00:15 +10:00
zowoq 1b8f795c94 .github/workflows/editorconfig.yml: 2.3.5 -> 2.4.0 2021-12-16 21:43:53 +10:00
zowoq c3338bcdc4 .github/workflows/editorconfig.yml: allow PRs to skip check
Intended for treewide reformatting PRs so we don't hit the API ratelimit.
2021-12-03 12:54:08 +10:00
zowoq 0d02ab2028 .github/workflows/editorconfig.yml: write changed files to disk
This avoids errors when exporting long lists to $GITHUB_ENV.

Co-authored-by: Moritz Hedtke <Moritz.Hedtke@t-online.de>
2021-12-02 09:11:21 +10:00
zowoq 34fa1ffbe4 Revert ".github/workflows/editorconfig.yml: Don't use GitHub API for PR diff."
This reverts commit 4db84ed126.

Causing CI errors.
2021-11-30 10:42:57 +10:00
Moritz Hedtke 4db84ed126 .github/workflows/editorconfig.yml: Don't use GitHub API for PR diff.
This caused ratelimits for large PRs (reformatting PRs)
2021-11-30 09:41:52 +10:00
Martin Weinelt 3eb5d85beb .github/workflows/periodic-merge: configure 21.11 release 2021-11-28 17:00:50 -08:00
dependabot[bot] 4985724c82 build(deps): bump cachix/install-nix-action from 15 to 16
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 15 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v15...v16)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-23 13:50:59 +01:00
dependabot[bot] a3d17b38a1 build(deps): bump cachix/install-nix-action from 14 to 15
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 14 to 15.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v14...v15)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-13 06:16:14 +01:00
Domen Kožar 6954a396d1 Revert "build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)"
This reverts commit 50341b0cd8.

It breaks the backport action.
2021-10-31 11:42:05 -06:00
Domen Kožar a8ac0dd944 Revert "backport-action: 0.0.6 -> 0.0.7"
This reverts commit 7e3ba3e88b.

It breaks the backport.
2021-10-31 11:42:04 -06:00
Domen Kožar 7e3ba3e88b backport-action: 0.0.6 -> 0.0.7 2021-10-29 13:30:51 -05:00
Jörg Thalheim 50341b0cd8
build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)
* build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.5 to 0.0.6.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.5...v0.0.6)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update .github/workflows/backport.yml

* Update .github/workflows/backport.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Domen Kožar <domen@enlambda.com>
2021-10-28 20:22:14 +01:00
Martin Weinelt 8b77d991b6 .github/workflows/periodic-merge: move stable merges to 24h cycle 2021-10-05 20:53:53 +02:00
dependabot[bot] 307690708a build(deps): bump cachix/install-nix-action from 13 to 14
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 13 to 14.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v13...v14)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-09 08:05:27 +02:00
dependabot[bot] 05a5144fa9 build(deps): bump devmasx/merge-branch from 1.3.1 to 1.4.0
Bumps [devmasx/merge-branch](https://github.com/devmasx/merge-branch) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/devmasx/merge-branch/releases)
- [Changelog](https://github.com/devmasx/merge-branch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/devmasx/merge-branch/compare/v1.3.1...1.4.0)

---
updated-dependencies:
- dependency-name: devmasx/merge-branch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 07:08:00 +10:00
Jörg Thalheim 2f9cf506dd
build(deps): bump zeebe-io/backport-action (#131466)
* build(deps): bump zeebe-io/backport-action

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 2b994724142df0774855690db56bc6308fb99ffa to 0.0.5. This release includes the previously tagged commit.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](2b99472414...e5d4d7c39c)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>
2021-07-25 19:22:26 +01:00
dependabot[bot] 8ebf75b3c7 build(deps): bump cachix/cachix-action from 9 to 10
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 9 to 10.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](https://github.com/cachix/cachix-action/compare/v9...v10)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-25 13:48:04 +02:00
Jonas Chevalier b8297c00c9
ci: add no-channel check (#109543)
* ci: add no-channel check

* Update .github/workflows/no-channel.yml

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>

Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
2021-07-21 08:22:37 +02:00
Domen Kožar 7904fffeef
GHA: add basic eval checks 2021-07-07 14:26:59 +02:00