-
-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GHA: add basic eval checks #129427
GHA: add basic eval checks #129427
Conversation
.github/workflows/tarball.yml
Outdated
|
||
jobs: | ||
tests: | ||
runs-on: ubuntu-latest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
runs-on: ubuntu-latest | |
runs-on: ubuntu-latest | |
if: github.repository_owner == 'NixOS' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure that's really needed, I'd like my forks to check for evaluation errors before I make a PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add a comment then as this will be the only one without the restriction.
.github/workflows/tarball.yml
Outdated
steps: | ||
- uses: actions/checkout@v2 | ||
- uses: cachix/install-nix-action@v13 | ||
- run: nix-build pkgs/top-level/release.nix -A tarball --arg supportedSystems '[ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ]' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nit: maybe at least move it to the first place? (Otherwise it takes quite some time to get to the error specific for aarch64-darwin, and we don't check it anywhere else so far.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've pushed a fix that make swap partition 8GB. 🤞
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just checked the runtime of the checks and so far they are not done after 67 minutes which is a bit on the long side.
588e182
to
b028552
Compare
I've removed (temporarily) the two checks that take each 15GB and 19GB of memory. Now the job takes 10min. How about we add a boolean flag to the tarball build like |
I had previously thought about splitting it into multiple builds (multiple |
I've split the basic checks in a separate derivation and made GHA only build that. The checks only trigger on master/release-* branches. Ideally we'd also run the two full evals, but they each take 16GB and 19GB of memory which takes quite a while due to a large swap usage. |
- uses: actions/checkout@v2 | ||
- uses: cachix/install-nix-action@v13 | ||
# explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset | ||
- run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin" ]' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would gives us a build matrix a 4x speedup here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We also need to make sure people to not try to run this command on an older nixpkgs checkout or they are greeted with this error message: error: attribute 'nixpkgs-basic-release-checks' in selection path 'tarball.nixpkgs-basic-release-checks' not found
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could that happen? This .yml
is in-repo, so I don't expect it would naturally act on older commits.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤔 I think you are right. People wouldn't run into this when they use an older checkout.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would gives us a build matrix a 4x speedup here?
Not entirely since there's overhead of the job doing other checks as well.
I'm a bit hestiant to do that not to hit the jobs limit on our repo.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is the job limit? Is there any sharing between different architectures apart from downloading & installing nix?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
jobs: | ||
tests: | ||
runs-on: ubuntu-latest | ||
# we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't agree with this one. Normally when the tarball does not build on hydra the error messages are always very cryptic or do not display any helpful information at all. So far I was not able to fix any of those build failures on hydra when they blocked a channel advancement and I think my nix knowledge is above average and I should be able to fix that or at least diagnose the problem.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's an orthogonal problem? This job only gives you feedback that it will block the channel if merged. So the issue has to be addressed before the PR goes in.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm.. Maybe we should just try it and see how it goes.
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Please take another look :) |
I'm going to merge this in a day unless there are any objections. |
On staging it should probably not use nix from nixpkgs but from a hydra cached version: https://github.com/NixOS/nixpkgs/pull/130425/checks?check_run_id=3091788566 Mhm sees is probably already the case. Is there a way to evaluate what the tarball evaluates without doing a stdenv rebuild? |
It's supposed to trigger only for master/release branches |
Mhm. Okay. Maybe my own fault, because the branch was target to master first. |
echo 'abort "Illegal use of <nixpkgs> in Nixpkgs."' > $TMPDIR/barf.nix | ||
|
||
# Make sure that Nixpkgs does not use <nixpkgs>. | ||
badFiles=$(find $src/pkgs -type f -name '*.nix' -print | xargs grep -l '^[^#]*<nixpkgs\/' || true) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this expected that this grep
s through nix files, while hitting comments?
Until ofborg supports aarch64-darwin we can just run the tarball checks on GHA to make sure evaluation errors don't slip by.