From 0dcdf60c38dbef4749e83715db976996551fa45b Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 28 Sep 2023 01:20:16 +0200 Subject: workflows/check-by-name: Better error when base branch also fails Previously, even if the check also failed on the base branch, it looked like the PR introduced the failure. We can easily have a better error message for such cases. Meanwhile this also paves the road for something like https://github.com/NixOS/nixpkgs/issues/256788 --- .github/workflows/check-by-name.yml | 91 ++++++++++++++++++++++++++++++++++++- 1 file changed, 90 insertions(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 7a3598dbe2a..faf0eb47517 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -21,6 +21,16 @@ jobs: with: # pull_request_target checks out the base branch by default ref: refs/pull/${{ github.event.pull_request.number }}/merge + # Fetches the merge commit and its parents + fetch-depth: 2 + - name: Determining PR git hashes + run: | + echo "mergedSha=$(git rev-parse HEAD)" >> "$GITHUB_ENV" + + # For pull_request_target this is the same as $GITHUB_SHA + echo "baseSha=$(git rev-parse HEAD^1)" >> "$GITHUB_ENV" + + echo "headSha=$(git rev-parse HEAD^2)" >> "$GITHUB_ENV" - uses: cachix/install-nix-action@v23 - name: Determining channel to use for dependencies run: | @@ -51,4 +61,83 @@ jobs: # Passing --max-jobs 0 makes sure that we won't build anything nix-build "$nixpkgs" -A tests.nixpkgs-check-by-name --max-jobs 0 - name: Running nixpkgs-check-by-name - run: result/bin/nixpkgs-check-by-name . + run: | + echo "Checking whether the check succeeds on the base branch $GITHUB_BASE_REF" + git checkout -q "$baseSha" + if baseOutput=$(result/bin/nixpkgs-check-by-name . 2>&1); then + baseSuccess=1 + else + baseSuccess= + fi + printf "%s\n" "$baseOutput" + + echo "Checking whether the check would succeed after merging this pull request" + git checkout -q "$mergedSha" + if mergedOutput=$(result/bin/nixpkgs-check-by-name . 2>&1); then + mergedSuccess=1 + exitCode=0 + else + mergedSuccess= + exitCode=1 + fi + printf "%s\n" "$mergedOutput" + + resultToEmoji() { + if [[ -n "$1" ]]; then + echo ":heavy_check_mark:" + else + echo ":x:" + fi + } + + # Print a markdown summary in GitHub actions + { + echo "| Nixpkgs version | Check result |" + echo "| --- | --- |" + echo "| Latest base commit | $(resultToEmoji "$baseSuccess") |" + echo "| After merging this PR | $(resultToEmoji "$mergedSuccess") |" + echo "" + + if [[ -n "$baseSuccess" ]]; then + if [[ -n "$mergedSuccess" ]]; then + echo "The check succeeds on both the base branch and after merging this PR" + else + echo "The check succeeds on the base branch, but would fail after merging this PR:" + echo "\`\`\`" + echo "$mergedOutput" + echo "\`\`\`" + echo "" + fi + else + if [[ -n "$mergedSuccess" ]]; then + echo "The check fails on the base branch, but this PR fixes it, nicely done!" + else + echo "The check fails on both the base branch and after merging this PR, unknown if only this PRs changes would satisfy the check, the base branch needs to be fixed first." + echo "" + echo "Failure on the base branch:" + echo "\`\`\`" + echo "$baseOutput" + echo "\`\`\`" + echo "" + echo "Failure after merging this PR:" + echo "\`\`\`" + echo "$mergedOutput" + echo "\`\`\`" + echo "" + fi + fi + + echo "### Details" + echo "- nixpkgs-check-by-name tool:" + echo " - Channel: $channel" + echo " - Nixpkgs commit: [$rev](https://github.com/${GITHUB_REPOSITORY}/commit/$rev)" + echo " - Store path: \`$(realpath result)\`" + echo "- Tested Nixpkgs:" + echo " - Base branch $GITHUB_BASE_REF" + echo " - Latest base branch commit: [$baseSha](https://github.com/${GITHUB_REPOSITORY}/commit/$baseSha)" + echo " - Latest PR commit: [$headSha](https://github.com/${GITHUB_REPOSITORY}/commit/$headSha)" + echo " - Merge commit: [$mergedSha](https://github.com/${GITHUB_REPOSITORY}/commit/$mergedSha)" + } >> "$GITHUB_STEP_SUMMARY" + + exit "$exitCode" + -- cgit 1.4.1 From dd543a79d5310ecdb984493eaca74b84fe4a018f Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 4 Oct 2023 23:42:10 +0200 Subject: workflows/check-by-name: Add a missing colon --- .github/workflows/check-by-name.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index faf0eb47517..c71217466cd 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -133,7 +133,7 @@ jobs: echo " - Nixpkgs commit: [$rev](https://github.com/${GITHUB_REPOSITORY}/commit/$rev)" echo " - Store path: \`$(realpath result)\`" echo "- Tested Nixpkgs:" - echo " - Base branch $GITHUB_BASE_REF" + echo " - Base branch: $GITHUB_BASE_REF" echo " - Latest base branch commit: [$baseSha](https://github.com/${GITHUB_REPOSITORY}/commit/$baseSha)" echo " - Latest PR commit: [$headSha](https://github.com/${GITHUB_REPOSITORY}/commit/$headSha)" echo " - Merge commit: [$mergedSha](https://github.com/${GITHUB_REPOSITORY}/commit/$mergedSha)" -- cgit 1.4.1 From 004da0cf9140d016904a4f0087c3c5b96ecef0ab Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 5 Oct 2023 00:00:24 +0200 Subject: workflows/check-by-name: Better error for merge conflicts --- .github/workflows/check-by-name.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to '.github/workflows') diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index faf0eb47517..3c515e45189 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -17,16 +17,24 @@ jobs: # as specified in nixos/release-combined.nix runs-on: ubuntu-latest steps: + - name: Resolving the merge commit + run: | + if result=$(git ls-remote --exit-code ${{ github.event.pull_request.base.repo.clone_url }} refs/pull/${{ github.event.pull_request.number }}/merge); then + mergedSha=$(cut -f1 <<< "$result") + echo "The PR appears to not have any conflicts, checking the merge commit $mergedSha" + else + echo "The PR may have a merge conflict" + exit 1 + fi + echo "mergedSha=$mergedSha" >> "$GITHUB_ENV" - uses: actions/checkout@v4 with: # pull_request_target checks out the base branch by default - ref: refs/pull/${{ github.event.pull_request.number }}/merge + ref: ${{ env.mergedSha }} # Fetches the merge commit and its parents fetch-depth: 2 - name: Determining PR git hashes run: | - echo "mergedSha=$(git rev-parse HEAD)" >> "$GITHUB_ENV" - # For pull_request_target this is the same as $GITHUB_SHA echo "baseSha=$(git rev-parse HEAD^1)" >> "$GITHUB_ENV" -- cgit 1.4.1 From 5fbbada2fba1f5aa51c4f2e5e54eb83eeacfe4e6 Mon Sep 17 00:00:00 2001 From: Artturin Date: Tue, 17 Oct 2023 22:04:48 +0300 Subject: workflows/check-by-name: print failed command output --- .github/workflows/check-by-name.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 90ab843839f..9c46ecea691 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -19,11 +19,13 @@ jobs: steps: - name: Resolving the merge commit run: | - if result=$(git ls-remote --exit-code ${{ github.event.pull_request.base.repo.clone_url }} refs/pull/${{ github.event.pull_request.number }}/merge); then + if result=$(git ls-remote --exit-code ${{ github.event.pull_request.base.repo.clone_url }} refs/pull/${{ github.event.pull_request.number }}/merge 2>&1); then mergedSha=$(cut -f1 <<< "$result") echo "The PR appears to not have any conflicts, checking the merge commit $mergedSha" else echo "The PR may have a merge conflict" + echo "'git ls-remote' output was:" + echo "$result" exit 1 fi echo "mergedSha=$mergedSha" >> "$GITHUB_ENV" -- cgit 1.4.1 From 785b8ca2e73c02cd085991dfdebc3a404288417b Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 18 Oct 2023 01:12:06 +0200 Subject: workflows/check-by-name: Improved mergeability check --- .github/workflows/check-by-name.yml | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) (limited to '.github/workflows') diff --git a/.github/workflows/check-by-name.yml b/.github/workflows/check-by-name.yml index 9c46ecea691..c6cd142bfa6 100644 --- a/.github/workflows/check-by-name.yml +++ b/.github/workflows/check-by-name.yml @@ -18,14 +18,34 @@ jobs: runs-on: ubuntu-latest steps: - name: Resolving the merge commit + env: + GH_TOKEN: ${{ github.token }} run: | - if result=$(git ls-remote --exit-code ${{ github.event.pull_request.base.repo.clone_url }} refs/pull/${{ github.event.pull_request.number }}/merge 2>&1); then - mergedSha=$(cut -f1 <<< "$result") - echo "The PR appears to not have any conflicts, checking the merge commit $mergedSha" + # This checks for mergeability of a pull request as recommended in + # https://docs.github.com/en/rest/guides/using-the-rest-api-to-interact-with-your-git-database?apiVersion=2022-11-28#checking-mergeability-of-pull-requests + while true; do + echo "Checking whether the pull request can be merged" + prInfo=$(gh api \ + -H "Accept: application/vnd.github+json" \ + -H "X-GitHub-Api-Version: 2022-11-28" \ + /repos/"$GITHUB_REPOSITORY"/pulls/${{ github.event.pull_request.number }}) + mergeable=$(jq -r .mergeable <<< "$prInfo") + mergedSha=$(jq -r .merge_commit_sha <<< "$prInfo") + + if [[ "$mergeable" == "null" ]]; then + # null indicates that GitHub is still computing whether it's mergeable + # Wait a couple seconds before trying again + echo "GitHub is still computing whether this PR can be merged, waiting 5 seconds before trying again" + sleep 5 + else + break + fi + done + + if [[ "$mergeable" == "true" ]]; then + echo "The PR can be merged, checking the merge commit $mergedSha" else - echo "The PR may have a merge conflict" - echo "'git ls-remote' output was:" - echo "$result" + echo "The PR cannot be merged, it has a merge conflict" exit 1 fi echo "mergedSha=$mergedSha" >> "$GITHUB_ENV" -- cgit 1.4.1 From eea756868f85192635046fc2214590bd4e81bdee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 11:17:29 +0000 Subject: build(deps): bump korthout/backport-action from 1.3.1 to 2.0.0 Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 1.3.1 to 2.0.0. - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](https://github.com/korthout/backport-action/compare/v1.3.1...v2.0.0) --- updated-dependencies: - dependency-name: korthout/backport-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/backport.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index d174203238c..50562bd9310 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -24,7 +24,7 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} - name: Create backport PRs - uses: korthout/backport-action@v1.3.1 + uses: korthout/backport-action@v2.0.0 with: # Config README: https://github.com/korthout/backport-action#backport-action copy_labels_pattern: 'severity:\ssecurity' -- cgit 1.4.1 From 3036ac33ed88429c478be2fabe1b927d4a7a44c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 11:50:11 +0000 Subject: build(deps): bump korthout/backport-action from 2.0.0 to 2.1.0 Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](https://github.com/korthout/backport-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: korthout/backport-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/backport.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 50562bd9310..2e9e20331bf 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -24,7 +24,7 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} - name: Create backport PRs - uses: korthout/backport-action@v2.0.0 + uses: korthout/backport-action@v2.1.0 with: # Config README: https://github.com/korthout/backport-action#backport-action copy_labels_pattern: 'severity:\ssecurity' -- cgit 1.4.1 From afaf6396660d626699c6a505d7939431bec87b0e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Nov 2023 11:58:35 +0000 Subject: build(deps): bump korthout/backport-action from 2.1.0 to 2.1.1 Bumps [korthout/backport-action](https://github.com/korthout/backport-action) from 2.1.0 to 2.1.1. - [Release notes](https://github.com/korthout/backport-action/releases) - [Commits](https://github.com/korthout/backport-action/compare/v2.1.0...v2.1.1) --- updated-dependencies: - dependency-name: korthout/backport-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/backport.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to '.github/workflows') diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index 2e9e20331bf..9343e29d596 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -24,7 +24,7 @@ jobs: with: ref: ${{ github.event.pull_request.head.sha }} - name: Create backport PRs - uses: korthout/backport-action@v2.1.0 + uses: korthout/backport-action@v2.1.1 with: # Config README: https://github.com/korthout/backport-action#backport-action copy_labels_pattern: 'severity:\ssecurity' -- cgit 1.4.1