Commit graph

134 commits

Author SHA1 Message Date
Domen Kožar
55b3eabbb4
Merge pull request #192981 from winterqt/update-backport-action
backport-action: 0.0.5 -> 0.0.8
2022-09-26 14:13:00 +02:00
Winter
6f3ce7a620 backport-action: 0.0.5 -> 0.0.8 2022-09-25 22:11:54 -04:00
zowoq
d3270d6b32 .github/workflows/update-terraform-providers.yml: add nixpkgs-unstable for nix-shell
nix_path was removed from the update scripts in 3e63fa279f
2022-09-21 14:43:03 +10:00
zowoq
5fabd2ba5a .github/workflows/update-terraform-providers.yml: disable scheduled update
try nixpkgs-update with passthru.updateScript
2022-09-15 06:00:33 +10:00
zowoq
bbe49339b8 .github/workflows: fix permissions
the merge actions comment on pull requests, seems this was broken by 2c71278a23

also:
- fix permissions on new manual rendering action
- drop unnecessary issues permission from the terraform action
2022-09-12 15:34:35 +10:00
pennae
fc6f0ea188 workflows: fix manual-rendering.yml
the check command didn't set NIX_PATH, so compare-manuals.sh (which is a nix-shell script) failed.
2022-09-11 13:14:44 +10:00
pennae
c45deeb2aa workflows: add check for docbook/md manual equality
we want to make sure that rendering the manual from markdown without
going through docbook produces (semantically) the same output as with
going through docbook. to ensure this we'll build the manual twice, run
each manual through html-tidy to generate a normalized form and diff
the normalized forms. we don't want to compare raw output because that
exposes us to a lot of whitespace we'd have to reproduce exactly in the
MD render.

this check may be relaxed even further in the future, but hopefully not
by much.
2022-09-10 18:23:13 +02:00
pennae
ec75c8efff workflows: check that nixos manual does not use docbook option docs
the nixos manual should not use docbook for module option documentation,
only markdown, to make future transition to a markdown-only world easier
and less painful. this check will ensure that all options
documentation (even plain text that would not be interpreted specially
by neither markdown nor docbook) is declared as being markdown.
2022-09-10 18:23:13 +02:00
zowoq
25b464c8b3
terraform-full: remove (#184649)
* terraform-full: remove

* .github/workflows/update-terraform-providers.yml: switch to terraform.full
2022-08-02 19:45:05 +02:00
Winter
3707cc5a0d
Revert "backport-action: 0.0.5 -> 0.0.8" 2022-07-24 23:30:11 -04:00
Winter
fee30801b2 backport-action: 0.0.5 -> 0.0.8 2022-07-24 13:20:39 -04:00
github-actions[bot]
33be3debd5 terraform-providers: update 2022-07-10 2022-07-10 16:20:44 +10:00
Varun Sharma
2c71278a23 ci: Add GitHub token permissions for workflows
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io>
2022-07-08 10:53:38 -07:00
Robert Hensing
3a27c40463 workflows/nixos-manual: Add command to run to error message 2022-07-06 07:32:17 +02:00
Janne Heß
8befefd1a7
workflows: Remove 21.11 merges
Channel is EOL
2022-07-04 20:04:17 +02:00
nathannaveen
5deff9583c chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-07-04 01:09:50 +00:00
Janne Heß
e728029b30
workflows: Replace 21.05 with 22.05 2022-05-23 19:57:42 +02:00
dependabot[bot]
646ed065e5 build(deps): bump peter-evans/create-pull-request from 3 to 4
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 4.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v3...v4)
2022-04-29 17:58:49 +10:00
zowoq
c19e9b776d .github/workflows/update-terraform-providers.yml: minor fixes
- simplify comment
- move `ofborg` command into block for clickable copying
2022-04-28 08:13:24 +10:00
dependabot[bot]
23e9e781e2 build(deps): bump cachix/install-nix-action from 16 to 17
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 16 to 17.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v16...v17)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-08 17:59:26 +10:00
Artturin
36c36411b8 .github/workflows/basic-eval.yml: only run if manually triggered
ofborg should have obsoleted this with https://github.com/NixOS/ofborg/pull/588#issuecomment-1078451552
https://github.com/NixOS/nixpkgs/pull/166599#issuecomment-1085069938

this is still useful to have around for act usage
2022-04-01 09:48:20 +03:00
Sandro
319145c9dc
Merge pull request #165397 from Mic92/create-or-update-comment 2022-03-27 12:12:23 +02:00
dependabot[bot]
1f161a57c2 build(deps): bump peter-evans/commit-comment from 1 to 2
Bumps [peter-evans/commit-comment](https://github.com/peter-evans/commit-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/commit-comment/releases)
- [Commits](https://github.com/peter-evans/commit-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/commit-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:24:13 +01:00
dependabot[bot]
180dada3ed build(deps): bump peter-evans/create-or-update-comment from 1 to 2
Bumps [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) from 1 to 2.
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v1...v2)

---
updated-dependencies:
- dependency-name: peter-evans/create-or-update-comment
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 08:23:37 +01:00
Jörg Thalheim
92a720cbac ci: add warning to actions with writeable GITHUB_TOKEN
Co-authored-by: ckie <25263210+ckiee@users.noreply.github.com>
2022-03-21 08:54:42 +01:00
zowoq
1d41af9bc9 .github/workflows/basic-eval.yml: add cachix cache
Avoids rebuilding nix in every PR if it hasn't been build on hydra yet.
2022-03-14 08:12:25 +10:00
zowoq
65268fe99a .github/workflows: update cachix cache comment 2022-03-14 08:12:24 +10:00
Jörg Thalheim
a385dd1ae3
Merge pull request #162450 from Mic92/actions-labeler
build(deps): bump actions/labeler from 3 to 4
2022-03-02 04:57:15 +00:00
dependabot[bot]
3f2c2d0afa
build(deps): bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
2022-03-02 05:13:13 +01:00
dependabot[bot]
e07220a5ad
build(deps): bump actions/labeler from 3 to 4
Bumps [actions/labeler](https://github.com/actions/labeler) from 3 to 4.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v3...v4)
2022-03-02 05:08:31 +01:00
zowoq
215002fb9f terraform-providers: update scripts
- add flag to skip building updated providers
- have the github action skip building providers so we don't need to handle build failures in the script
- remove outdated `vendor` flag, all providers use `buildGoModule`
2022-02-07 12:02:36 +10:00
zowoq
fc7fb0d528 .github/workflows/update-terraform-providers.yml: minor fixes
- change ofborg command into a comment
- use WIP label instead of draft so codeowner notification works
2022-01-04 18:18:48 +10:00
zowoq
bcd238a027 .github/workflows/update-terraform-providers.yml: init
weekly update of terraform providers which can also be run manually
2022-01-04 11:00:15 +10:00
zowoq
1b8f795c94 .github/workflows/editorconfig.yml: 2.3.5 -> 2.4.0 2021-12-16 21:43:53 +10:00
zowoq
c3338bcdc4 .github/workflows/editorconfig.yml: allow PRs to skip check
Intended for treewide reformatting PRs so we don't hit the API ratelimit.
2021-12-03 12:54:08 +10:00
zowoq
0d02ab2028 .github/workflows/editorconfig.yml: write changed files to disk
This avoids errors when exporting long lists to $GITHUB_ENV.

Co-authored-by: Moritz Hedtke <Moritz.Hedtke@t-online.de>
2021-12-02 09:11:21 +10:00
zowoq
34fa1ffbe4 Revert ".github/workflows/editorconfig.yml: Don't use GitHub API for PR diff."
This reverts commit 4db84ed126.

Causing CI errors.
2021-11-30 10:42:57 +10:00
Moritz Hedtke
4db84ed126 .github/workflows/editorconfig.yml: Don't use GitHub API for PR diff.
This caused ratelimits for large PRs (reformatting PRs)
2021-11-30 09:41:52 +10:00
Martin Weinelt
3eb5d85beb .github/workflows/periodic-merge: configure 21.11 release 2021-11-28 17:00:50 -08:00
dependabot[bot]
4985724c82 build(deps): bump cachix/install-nix-action from 15 to 16
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 15 to 16.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v15...v16)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-23 13:50:59 +01:00
dependabot[bot]
a3d17b38a1 build(deps): bump cachix/install-nix-action from 14 to 15
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 14 to 15.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v14...v15)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-13 06:16:14 +01:00
Domen Kožar
6954a396d1 Revert "build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)"
This reverts commit 50341b0cd8.

It breaks the backport action.
2021-10-31 11:42:05 -06:00
Domen Kožar
a8ac0dd944 Revert "backport-action: 0.0.6 -> 0.0.7"
This reverts commit 7e3ba3e88b.

It breaks the backport.
2021-10-31 11:42:04 -06:00
Domen Kožar
7e3ba3e88b backport-action: 0.0.6 -> 0.0.7 2021-10-29 13:30:51 -05:00
Jörg Thalheim
50341b0cd8
build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6 (#140848)
* build(deps): bump zeebe-io/backport-action from 0.0.5 to 0.0.6

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 0.0.5 to 0.0.6.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](https://github.com/zeebe-io/backport-action/compare/v0.0.5...v0.0.6)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update .github/workflows/backport.yml

* Update .github/workflows/backport.yml

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Domen Kožar <domen@enlambda.com>
2021-10-28 20:22:14 +01:00
Martin Weinelt
8b77d991b6 .github/workflows/periodic-merge: move stable merges to 24h cycle 2021-10-05 20:53:53 +02:00
dependabot[bot]
307690708a build(deps): bump cachix/install-nix-action from 13 to 14
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 13 to 14.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v13...v14)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-09 08:05:27 +02:00
dependabot[bot]
05a5144fa9 build(deps): bump devmasx/merge-branch from 1.3.1 to 1.4.0
Bumps [devmasx/merge-branch](https://github.com/devmasx/merge-branch) from 1.3.1 to 1.4.0.
- [Release notes](https://github.com/devmasx/merge-branch/releases)
- [Changelog](https://github.com/devmasx/merge-branch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/devmasx/merge-branch/compare/v1.3.1...1.4.0)

---
updated-dependencies:
- dependency-name: devmasx/merge-branch
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 07:08:00 +10:00
Jörg Thalheim
2f9cf506dd
build(deps): bump zeebe-io/backport-action (#131466)
* build(deps): bump zeebe-io/backport-action

Bumps [zeebe-io/backport-action](https://github.com/zeebe-io/backport-action) from 2b994724142df0774855690db56bc6308fb99ffa to 0.0.5. This release includes the previously tagged commit.
- [Release notes](https://github.com/zeebe-io/backport-action/releases)
- [Commits](2b99472414...e5d4d7c39c)

---
updated-dependencies:
- dependency-name: zeebe-io/backport-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: zowoq <59103226+zowoq@users.noreply.github.com>
2021-07-25 19:22:26 +01:00
dependabot[bot]
8ebf75b3c7 build(deps): bump cachix/cachix-action from 9 to 10
Bumps [cachix/cachix-action](https://github.com/cachix/cachix-action) from 9 to 10.
- [Release notes](https://github.com/cachix/cachix-action/releases)
- [Commits](https://github.com/cachix/cachix-action/compare/v9...v10)

---
updated-dependencies:
- dependency-name: cachix/cachix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-25 13:48:04 +02:00