runner: reproducible nix-built job image + compose-based act_runner
This commit is contained in:
@@ -62,7 +62,9 @@ jobs:
|
||||
done
|
||||
done
|
||||
|
||||
# 4. Build smoke — every changed package must build.
|
||||
# 4. Build smoke — every changed package must build. Cache push
|
||||
# is intentionally absent for now (no shared binary cache);
|
||||
# add a step here once cache infra is decided.
|
||||
- name: build smoke
|
||||
if: steps.changed.outputs.packages != ''
|
||||
run: |
|
||||
@@ -71,20 +73,9 @@ jobs:
|
||||
.#${pkg} --no-link --print-out-paths
|
||||
done
|
||||
|
||||
# 5. Cache push (only on the validated outputs, before merge).
|
||||
- name: push to binary cache
|
||||
if: steps.changed.outputs.packages != ''
|
||||
env:
|
||||
NIX_SECRET_KEY_FILE: ${{ secrets.NIX_CACHE_SECRET_KEY_FILE }}
|
||||
CACHE_URL: ${{ vars.CARGOXX_CACHE_URL }}
|
||||
run: |
|
||||
for pkg in ${{ steps.changed.outputs.packages }}; do
|
||||
nix copy --extra-experimental-features 'nix-command flakes' \
|
||||
--to "${CACHE_URL}?secret-key=${NIX_SECRET_KEY_FILE}" \
|
||||
.#${pkg}
|
||||
done
|
||||
|
||||
# 6. Maintainer match.
|
||||
# 5. Maintainer check — PR must come from someone listed in
|
||||
# recipes/<pkg>/maintainers.txt (auto-pass for new packages,
|
||||
# since the PR introduces the file in the same commit).
|
||||
- name: maintainer check
|
||||
if: steps.changed.outputs.packages != ''
|
||||
run: |
|
||||
@@ -92,18 +83,11 @@ jobs:
|
||||
for pkg in ${{ steps.changed.outputs.packages }}; do
|
||||
list="recipes/$pkg/maintainers.txt"
|
||||
if [[ ! -f "$list" ]]; then
|
||||
echo "new package $pkg — maintainers.txt will be added by this PR"
|
||||
echo "new package $pkg — maintainers.txt added by this PR"
|
||||
continue
|
||||
fi
|
||||
if ! grep -E -q "^\s*${author}\s*(\#.*)?$" "$list"; then
|
||||
echo "PR author '$author' is not in $list"
|
||||
gh pr edit ${{ github.event.pull_request.number }} \
|
||||
--add-label needs-human-review
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
- name: label auto-merge
|
||||
if: steps.changed.outputs.packages != ''
|
||||
run: |
|
||||
gh pr edit ${{ github.event.pull_request.number }} --add-label auto-merge
|
||||
|
||||
Reference in New Issue
Block a user