GHA: add basic eval checks #129427
GHA: add basic eval checks #129427
Conversation
.github/workflows/tarball.yml
Outdated
|
|
||
| jobs: | ||
| tests: | ||
| runs-on: ubuntu-latest |
There was a problem hiding this comment.
| runs-on: ubuntu-latest | |
| runs-on: ubuntu-latest | |
| if: github.repository_owner == 'NixOS' |
There was a problem hiding this comment.
I'm not sure that's really needed, I'd like my forks to check for evaluation errors before I make a PR.
There was a problem hiding this comment.
Add a comment then as this will be the only one without the restriction.
.github/workflows/tarball.yml
Outdated
| steps: | ||
| - uses: actions/checkout@v2 | ||
| - uses: cachix/install-nix-action@v13 | ||
| - run: nix-build pkgs/top-level/release.nix -A tarball --arg supportedSystems '[ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]' |
There was a problem hiding this comment.
Nit: maybe at least move it to the first place? (Otherwise it takes quite some time to get to the error specific for aarch64-darwin, and we don't check it anywhere else so far.)
There was a problem hiding this comment.
There was a problem hiding this comment.
I've pushed a fix that make swap partition 8GB. 🤞
There was a problem hiding this comment.
I just checked the runtime of the checks and so far they are not done after 67 minutes which is a bit on the long side.
domenkozar
force-pushed
the
gha-tarball
branch
3 times, most recently
from
588e182
to
b028552
Compare
|
I've removed (temporarily) the two checks that take each 15GB and 19GB of memory. Now the job takes 10min. How about we add a boolean flag to the tarball build like |
|
I had previously thought about splitting it into multiple builds (multiple |
|
I've split the basic checks in a separate derivation and made GHA only build that. The checks only trigger on master/release-* branches. Ideally we'd also run the two full evals, but they each take 16GB and 19GB of memory which takes quite a while due to a large swap usage. |
| - uses: actions/checkout@v2 | ||
| - uses: cachix/install-nix-action@v13 | ||
| # explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset | ||
| - run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]' |
There was a problem hiding this comment.
Would gives us a build matrix a 4x speedup here?
There was a problem hiding this comment.
We also need to make sure people to not try to run this command on an older nixpkgs checkout or they are greeted with this error message: error: attribute 'nixpkgs-basic-release-checks' in selection path 'tarball.nixpkgs-basic-release-checks' not found
There was a problem hiding this comment.
Could that happen? This .yml is in-repo, so I don't expect it would naturally act on older commits.
There was a problem hiding this comment.
🤔 I think you are right. People wouldn't run into this when they use an older checkout.
There was a problem hiding this comment.
Would gives us a build matrix a 4x speedup here?
Not entirely since there's overhead of the job doing other checks as well.
I'm a bit hestiant to do that not to hit the jobs limit on our repo.
There was a problem hiding this comment.
What is the job limit? Is there any sharing between different architectures apart from downloading & installing nix?
| jobs: | ||
| tests: | ||
| runs-on: ubuntu-latest | ||
| # we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback |
There was a problem hiding this comment.
I don't agree with this one. Normally when the tarball does not build on hydra the error messages are always very cryptic or do not display any helpful information at all. So far I was not able to fix any of those build failures on hydra when they blocked a channel advancement and I think my nix knowledge is above average and I should be able to fix that or at least diagnose the problem.
There was a problem hiding this comment.
That's an orthogonal problem? This job only gives you feedback that it will block the channel if merged. So the issue has to be addressed before the PR goes in.
There was a problem hiding this comment.
Hmmm.. Maybe we should just try it and see how it goes.
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
|
Please take another look :) |
|
I'm going to merge this in a day unless there are any objections. |
|
On staging it should probably not use nix from nixpkgs but from a hydra cached version: https://github.com/NixOS/nixpkgs/pull/130425/checks?check_run_id=3091788566 Mhm sees is probably already the case. Is there a way to evaluate what the tarball evaluates without doing a stdenv rebuild? |
|
It's supposed to trigger only for master/release branches |
|
Mhm. Okay. Maybe my own fault, because the branch was target to master first. |
| echo 'abort "Illegal use of <nixpkgs> in Nixpkgs."' > $TMPDIR/barf.nix | ||
|
|
||
| # Make sure that Nixpkgs does not use <nixpkgs>. | ||
| badFiles=$(find $src/pkgs -type f -name '*.nix' -print | xargs grep -l '^[^#]*<nixpkgs\/' || true) |
There was a problem hiding this comment.
Is this expected that this greps through nix files, while hitting comments?
Until ofborg supports aarch64-darwin we can just run the tarball checks on GHA to make sure evaluation errors don't slip by.