6baeff261f
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.1 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](eef61447b9...11bd71901b
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
91 lines
3.4 KiB
YAML
91 lines
3.4 KiB
YAML
# This file was copied mostly from check-maintainers-sorted.yaml.
|
|
# NOTE: Formatting with the RFC-style nixfmt command is not yet stable. See
|
|
# https://github.com/NixOS/rfcs/pull/166.
|
|
# Because of this, this action is not yet enabled for all files -- only for
|
|
# those who have opted in.
|
|
name: Check that Nix files are formatted
|
|
|
|
on:
|
|
pull_request_target:
|
|
# See the comment at the same location in ./nixpkgs-vet.yml
|
|
types: [opened, synchronize, reopened, edited]
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
nixos:
|
|
name: nixfmt-check
|
|
runs-on: ubuntu-latest
|
|
if: "!contains(github.event.pull_request.title, '[skip treewide]')"
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
# pull_request_target checks out the base branch by default
|
|
ref: refs/pull/${{ github.event.pull_request.number }}/merge
|
|
# Fetches the merge commit and its parents
|
|
fetch-depth: 2
|
|
- name: Checking out base branch
|
|
run: |
|
|
base=$(mktemp -d)
|
|
baseRev=$(git rev-parse HEAD^1)
|
|
git worktree add "$base" "$baseRev"
|
|
echo "baseRev=$baseRev" >> "$GITHUB_ENV"
|
|
echo "base=$base" >> "$GITHUB_ENV"
|
|
- name: Get Nixpkgs revision for nixfmt
|
|
run: |
|
|
# pin to a commit from nixpkgs-unstable to avoid e.g. building nixfmt
|
|
# from staging
|
|
# This should not be a URL, because it would allow PRs to run arbitrary code in CI!
|
|
rev=$(jq -r .rev ci/pinned-nixpkgs.json)
|
|
echo "url=https://github.com/NixOS/nixpkgs/archive/$rev.tar.gz" >> "$GITHUB_ENV"
|
|
- uses: cachix/install-nix-action@08dcb3a5e62fa31e2da3d490afc4176ef55ecd72 # v30
|
|
with:
|
|
# explicitly enable sandbox
|
|
extra_nix_config: sandbox = true
|
|
nix_path: nixpkgs=${{ env.url }}
|
|
- name: Install nixfmt
|
|
run: "nix-env -f '<nixpkgs>' -iAP nixfmt-rfc-style"
|
|
- name: Check that Nix files are formatted according to the RFC style
|
|
run: |
|
|
unformattedFiles=()
|
|
|
|
# TODO: Make this more parallel
|
|
|
|
# Loop through all Nix files touched by the PR
|
|
while readarray -d '' -n 2 entry && (( ${#entry[@]} != 0 )); do
|
|
type=${entry[0]}
|
|
file=${entry[1]}
|
|
case $type in
|
|
A*)
|
|
source=""
|
|
dest=$file
|
|
;;
|
|
M*)
|
|
source=$file
|
|
dest=$file
|
|
;;
|
|
C*|R*)
|
|
source=$file
|
|
read -r -d '' dest
|
|
;;
|
|
*)
|
|
echo "Ignoring file $file with type $type"
|
|
continue
|
|
esac
|
|
|
|
# Ignore files that weren't already formatted
|
|
if [[ -n "$source" ]] && ! nixfmt --check ${{ env.base }}/"$source" 2>/dev/null; then
|
|
echo "Ignoring file $file because it's not formatted in the base commit"
|
|
elif ! nixfmt --check "$dest"; then
|
|
unformattedFiles+=("$dest")
|
|
fi
|
|
done < <(git diff -z --name-status ${{ env.baseRev }} -- '*.nix')
|
|
|
|
if (( "${#unformattedFiles[@]}" > 0 )); then
|
|
echo "Some new/changed Nix files are not properly formatted"
|
|
echo "Please go to the Nixpkgs root directory, run \`nix-shell\`, then:"
|
|
echo "nixfmt ${unformattedFiles[*]@Q}"
|
|
echo "If you're having trouble, please ping @NixOS/nix-formatting"
|
|
exit 1
|
|
fi
|