Ryan Mulligan
5022a71305
update stale bot per RFC 0124
2022-07-10 16:50:49 -07:00
Théophane Hufschmitt
541e10496a
Fix the hydra_status CI job
2022-07-05 16:28:39 +02:00
Théophane Hufschmitt
70083218b3
Restrict the permissions of the CI
2022-07-05 16:01:20 +02:00
naveen
d31c520f40
chore: Set permissions for GitHub actions
...
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-07-01 00:29:30 +00:00
Théophane Hufschmitt
460117a238
Correctly get the nix version in the docker job
...
`defaultPackage` doesn't exist anymore, so we can't use it.
Instead just use the new CLI which should be more robust to these
changes
Fix #6640
2022-06-10 12:09:09 +02:00
dependabot[bot]
d1c270431a
Bump zeebe-io/backport-action from 0.0.7 to 0.0.8
...
Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action ) from 0.0.7 to 0.0.8.
- [Release notes](https://github.com/zeebe-io/backport-action/releases )
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.7...v0.0.8 )
---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-23 22:01:52 +00:00
dependabot[bot]
c060e93b3c
Bump docker/login-action from 1 to 2
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1...v2 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-09 22:01:15 +00:00
dependabot[bot]
dc9510c8d7
Bump actions/checkout from 2 to 3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-13 12:10:29 +00:00
dependabot[bot]
5fc73c276b
build(deps): bump cachix/install-nix-action from 16 to 17
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17 )
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-11 22:01:20 +00:00
regnat
7bd85a3bf6
Use the nix
command (and flakes) in the CI
...
Apart from a slight simplification and a bit of dogfooding, this also
make the cache behavior more predictable.
For example `nix build .` and `nix build nix/$(git rev-parse HEAD)` will
yield the exact same path, while their “intuitive” non-flake equivalents
(`nix-build` and
`nix-build https://github.com/nixos/nix/archives/$ (git rev-parse HEAD).tar.gz`)
don’t.
This was a pain for example in https://github.com/NixOS/nix/pull/5059
Also, the `bar-with-logs` log format is imho nicer (even in an
non-interactive context) because prefixing each log line with the name
of the derivation that produced it makes it much easier to follow what’s
going on.
2022-01-26 16:41:37 +01:00
Rok Garbas
c79087eb2a
also tagging with latest commit with a master
tag
2022-01-21 14:40:34 +01:00
Rok Garbas
2267c773f0
Push docker image (only x86_64-linux right now) to hub.docker.com
2022-01-11 18:51:58 +01:00
Rok Garbas
9aa486c4be
Rename github workflow from Tests to CI
2022-01-11 18:51:34 +01:00
Tom Bereknyei
5d64c33fa5
add pull_request_template.md
2021-12-09 14:31:34 -05:00
regnat
5f64b69d23
Add a github cron to check the hydra status
...
Add a regular github action that will check the status of the latest
hydra evaluation.
Things aren’t ideal right now because this job will only notify “the
user who last modified the cron syntax in the workflow file” (so myself
atm). But at least that’ll give a notification for failing hydra jobs
2021-11-30 17:54:25 +01:00
dependabot[bot]
5be8fbd740
Bump cachix/install-nix-action from 15 to 16
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 15 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v15...v16 )
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-22 22:01:42 +00:00
Eelco Dolstra
72e67c4b2d
Merge pull request #5568 from NixOS/dependabot/github_actions/cachix/install-nix-action-15
...
Bump cachix/install-nix-action from 14.1 to 15
2021-11-18 12:32:06 +01:00
dependabot[bot]
3771f931bf
Bump zeebe-io/backport-action from 0.0.5 to 0.0.7
...
Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action ) from 0.0.5 to 0.0.7.
- [Release notes](https://github.com/zeebe-io/backport-action/releases )
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.5...v0.0.7 )
---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-15 22:01:17 +00:00
dependabot[bot]
4ba355e593
Bump cachix/install-nix-action from 14.1 to 15
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 14.1 to 15.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v14.1...v15 )
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-15 22:01:13 +00:00
Domen Kožar
1d0bc96c96
Add backport action
2021-11-15 08:41:03 -06:00
dependabot[bot]
732dd90428
Bump actions/checkout from 2.3.5 to 2.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-11-08 22:00:58 +00:00
Domen Kožar
b8532c9ff1
install-nix-actionv@v14.1
2021-11-02 08:24:17 -06:00
Eelco Dolstra
19148f1940
Apply a 60-minute timeout to the 'tests' workflow
2021-10-29 14:48:36 +02:00
dependabot[bot]
2400819809
Bump actions/checkout from 2.3.4 to 2.3.5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.3.4...v2.3.5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-18 22:01:24 +00:00
dependabot[bot]
5052a81bba
Bump cachix/install-nix-action from 13 to 14
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 13 to 14.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v13...v14 )
---
updated-dependencies:
- dependency-name: cachix/install-nix-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-14 12:57:56 +00:00
Travis A. Everett
0386f0c079
fix CI for users with no installer-test cachix
...
Closes #5173
2021-09-01 18:08:38 -05:00
Domen Kožar
9feca5cdf6
github actions: simplify getting the system logic
2021-06-28 23:02:53 +02:00
Patrick Hilhorst
822e338e5c
throw freenode down the memory hole
2021-05-27 21:48:39 +02:00
dependabot[bot]
35faff7325
Bump cachix/cachix-action from v9 to v10
...
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action ) from v9 to v10.
- [Release notes](https://github.com/cachix/cachix-action/releases )
- [Commits](https://github.com/cachix/cachix-action/compare/v9...73e75d1a0cd4330597a571e8f9dedb41faa2fc4e )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-12 05:21:11 +00:00
Domen Kožar
00f00a9954
bump actions
2021-04-03 12:59:44 +02:00
Travis A. Everett
12ec962dd8
simplify changing cachix cache for install tests
...
- convert cachix cache name from an env into a secret so it (along
with the token/key) can be set once per fork
- use CACHIX_AUTH_TOKEN in addition to CACHIX_SIGNING_KEY; it looks
like cachix will try signing key first, then auth token.
2021-02-26 16:14:06 -06:00
Domen Kožar
ae4260f0a7
Generate installer script for each PR/push
...
This works by using Cachix feature of serving a file from
a store path.
2021-02-21 15:51:49 +00:00
Rok Garbas
bab3f30755
Auto closing issues/PRs after 1year.
2021-02-08 11:49:07 +01:00
Rok Garbas
91d83426f7
typo
2021-02-06 13:33:34 +01:00
Rok Garbas
6af26b7aec
Add Stale bot
...
The configuration was taken from nixpkgs repository and adjusted to
`NixOS/nix`.
A `stale` label was added to the labels (with gray color).
Issues and PRs with `critical` label are excluded from interacting with the
stale bot.
2021-02-06 13:29:38 +01:00
dependabot[bot]
0ed7c957be
Bump cachix/install-nix-action from v11 to v12 ( #4237 )
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from v11 to v12.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v11...07da2520eebede906fbeefa9dd0a2b635323909d )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-11-09 23:21:55 +00:00
Domen Kožar
f1428484be
Update .github/workflows/test.yml
2020-09-28 21:08:24 +03:00
Domen Kožar
c89fa3f644
Update .github/workflows/test.yml
2020-09-28 21:08:14 +03:00
dependabot[bot]
095a91f55a
Bump cachix/install-nix-action from v10 to v11
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from v10 to v11.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v10...95a8068e317b8def9482980abe762f36c77ccc99 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-09-28 05:37:07 +00:00
Domen Kožar
f38fe24346
speed up CI
2020-08-30 22:52:34 +02:00
Eelco Dolstra
54712aaf8a
Merge remote-tracking branch 'origin/master' into flakes
2020-07-06 16:40:10 +02:00
dependabot[bot]
9937f4ed37
Bump cachix/install-nix-action from v8 to v10
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from v8 to v10.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](https://github.com/cachix/install-nix-action/compare/v8...63cf434de4e4292c6960639d56c5dd550e789d77 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-06-28 06:02:57 +00:00
Jörg Thalheim
7af734bac1
dependabot: automatically keep github actions up-to-date
2020-06-27 20:37:05 +01:00
Eelco Dolstra
17ca997fc6
Merge remote-tracking branch 'origin/master' into flakes
2020-05-28 12:55:24 +02:00
Domen Kožar
546b179d0a
actions: use latest OS
2020-05-15 10:06:26 +02:00
Eelco Dolstra
941f95284a
Merge remote-tracking branch 'origin/master' into flakes
2020-05-01 11:59:56 +02:00
Domen Kožar
625868b33d
Update issue templates
2020-04-30 15:01:23 +02:00
Domen Kožar
a15f918cba
Update issue templates
2020-04-30 14:57:40 +02:00
Eelco Dolstra
073650db01
Do a deep fetch
...
Currently the build fails with
warning: reject refs/heads/HEAD because shallow roots are not allowed to be updated
error: Could not read 0c2088d438
fatal: Failed to traverse parents of commit ea1803efdc
error: program 'git' failed with exit code 128
2020-03-13 17:25:47 +01:00
Eelco Dolstra
ea1803efdc
Run checks
2020-03-13 17:13:54 +01:00