wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-25 10:41:16 +02:00
Code Activity

Merge pull request #12109 from trueNAHO/workflows-lock-ubuntu-and-macos-runners-and-update-ubuntu-runner

Browse source 
ci: lock Ubuntu and macOS runners and update Ubuntu runner
This commit is contained in:
Jörg Thalheim 2025-01-02 00:20:32 +01:00 committed by GitHub
commit 5ebc8d4960
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 16 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.github/workflows/ci.yml vendored
View file

@ -8,7 +8,7 @@ permissions: read-all
jobs: jobs:
eval: eval:
runs-on: ubuntu-latest runs-on: ubuntu-24.04
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
@ -20,7 +20,7 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
os: [ubuntu-latest, macos-latest] os: [ubuntu-24.04, macos-14]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
timeout-minutes: 60 timeout-minutes: 60
steps: steps:
@ -37,7 +37,7 @@ jobs:
# Since ubuntu 22.30, unprivileged usernamespaces are no longer allowed to map to the root user: # Since ubuntu 22.30, unprivileged usernamespaces are no longer allowed to map to the root user:
# https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces # https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
- run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 - run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
if: matrix.os == 'ubuntu-latest' if: matrix.os == 'ubuntu-24.04'
- run: scripts/build-checks - run: scripts/build-checks
- run: scripts/prepare-installer-for-github-actions - run: scripts/prepare-installer-for-github-actions
- name: Upload installer tarball - name: Upload installer tarball
@ -51,7 +51,7 @@ jobs:
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
os: [ubuntu-latest, macos-latest] os: [ubuntu-24.04, macos-14]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
@ -68,9 +68,9 @@ jobs:
install_url: 'http://localhost:8126/install' install_url: 'http://localhost:8126/install'
install_options: "--tarball-url-prefix http://localhost:8126/" install_options: "--tarball-url-prefix http://localhost:8126/"
- run: sudo apt install fish zsh - run: sudo apt install fish zsh
if: matrix.os == 'ubuntu-latest' if: matrix.os == 'ubuntu-24.04'
- run: brew install fish - run: brew install fish
if: matrix.os == 'macos-latest' if: matrix.os == 'macos-14'
- run: exec bash -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec bash -c "nix-instantiate -E 'builtins.currentTime' --eval"
- run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec sh -c "nix-instantiate -E 'builtins.currentTime' --eval"
- run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval" - run: exec zsh -c "nix-instantiate -E 'builtins.currentTime' --eval"
@ -86,7 +86,7 @@ jobs:
permissions: permissions:
contents: none contents: none
name: Check Docker secrets present for installer tests name: Check Docker secrets present for installer tests
runs-on: ubuntu-latest runs-on: ubuntu-24.04
outputs: outputs:
docker: ${{ steps.secret.outputs.docker }} docker: ${{ steps.secret.outputs.docker }}
steps: steps:
@ -106,7 +106,7 @@ jobs:
needs.check_secrets.outputs.docker == 'true' && needs.check_secrets.outputs.docker == 'true' &&
github.event_name == 'push' && github.event_name == 'push' &&
github.ref_name == 'master' github.ref_name == 'master'
runs-on: ubuntu-latest runs-on: ubuntu-24.04
steps: steps:
- name: Check for secrets - name: Check for secrets
id: secret id: secret
@ -158,7 +158,7 @@ jobs:
docker push $IMAGE_ID:master docker push $IMAGE_ID:master
vm_tests: vm_tests:
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: DeterminateSystems/nix-installer-action@main - uses: DeterminateSystems/nix-installer-action@main
@ -173,7 +173,7 @@ jobs:
flake_regressions: flake_regressions:
needs: vm_tests needs: vm_tests
runs-on: ubuntu-22.04 runs-on: ubuntu-24.04
steps: steps:
- name: Checkout nix - name: Checkout nix
uses: actions/checkout@v4 uses: actions/checkout@v4

2
.github/workflows/labels.yml vendored
View file

@ -15,7 +15,7 @@ permissions:
jobs: jobs:
labels: labels:
runs-on: ubuntu-latest runs-on: ubuntu-24.04
if: github.repository_owner == 'NixOS' if: github.repository_owner == 'NixOS'
steps: steps:
- uses: actions/labeler@v5 - uses: actions/labeler@v5

8
.mergify.yml
View file

@ -2,10 +2,10 @@ queue_rules:
- name: default - name: default
# all required tests need to go here # all required tests need to go here
merge_conditions: merge_conditions:
- check-success=tests (macos-latest) - check-success=tests (macos-14)
- check-success=tests (ubuntu-latest) - check-success=tests (ubuntu-24.04)
- check-success=installer_test (macos-latest) - check-success=installer_test (macos-14)
- check-success=installer_test (ubuntu-latest) - check-success=installer_test (ubuntu-24.04)
- check-success=vm_tests - check-success=vm_tests
batch_size: 5 batch_size: 5

2
doc/manual/source/development/testing.md
View file

@ -297,7 +297,7 @@ Creating a Cachix cache for your installer tests and adding its authorisation to
- `armv7l-linux` - `armv7l-linux`
- `x86_64-darwin` - `x86_64-darwin`
- The `installer_test` job (which runs on `ubuntu-latest` and `macos-latest`) will try to install Nix with the cached installer and run a trivial Nix command. - The `installer_test` job (which runs on `ubuntu-24.04` and `macos-14`) will try to install Nix with the cached installer and run a trivial Nix command.
### One-time setup ### One-time setup