!djTaTBQyWEPRQxrPTb:nixos.org

Nixpkgs Architecture Team

227 Members
https://github.com/nixpkgs-architecture, weekly public meetings on Wednesday 15:00-16:00 UTC at https://meet.jit.si/nixpkgs-architecture53 Servers

Load older messages

SenderMessageTime
20 Mar 2024
@hacker1024:matrix.orghacker1024 joined the room.23:20:05
@infinisil:matrix.orginfinisilAlthough this would involve having to manually push tags, not a fan of that23:20:48
@infinisil:matrix.orginfinisilWould be nicer if it would automatically do a weekly PR, which when merged creates a release23:21:01
@infinisil:matrix.orginfinisilOr so23:21:05
@philiptaron:matrix.orgPhilip Taron (UTC-8)That's totally possible, and since we'll need a machine account anyway to not get stalled on automated PRs, it can absolutely push a tag, I would think.23:22:09
@infinisil:matrix.orginfinisilThe automated update PRs (like https://github.com/NixOS/nixpkgs-check-by-name/pull/14) don't need any special privileges, since it's just a PR23:23:13
@infinisil:matrix.orginfinisilA tag would need more permissions23:23:18
@infinisil:matrix.orginfinisilWe could do something like "For every master push, check if its version number increased, if yes, create a release"23:23:47
@philiptaron:matrix.orgPhilip Taron (UTC-8)Having that in the git metadata is quite nice.23:24:09
@philiptaron:matrix.orgPhilip Taron (UTC-8)Sure, it's more permissions, but it's really nice.23:24:28
@infinisil:matrix.orginfinisilI guess we really don't need a separate machine account for the automated releases23:25:43
@infinisil:matrix.orginfinisilWe can just give the github action permission for that23:26:01
@infinisil:matrix.orginfinisilThe separate machine account workaround is only needed to trigger workflows from PRs triggered by workflows23:26:30
@philiptaron:matrix.orgPhilip Taron (UTC-8)
In reply to @infinisil:matrix.org
Would be nicer if it would automatically do a weekly PR, which when merged creates a release

The separate machine account workaround is only needed to trigger workflows from PRs triggered by workflows

I'm getting confused.

We do want an automatic-ish update of dependencies. ✅ -- but with an explicit human in the loop hitting the merge button.
We do want an automatic-ish release process. ✅ -- but with an explicit human in the loop to move from draft to public.

So, we want a separate machine account, so that the CI all fits together, and doesn't get wedged like #14 did.

Right?

23:34:24
@infinisil:matrix.orginfinisilAhh right!23:34:53
@infinisil:matrix.orginfinisilI'm getting confused too 😅23:34:59
@infinisil:matrix.orginfinisil

Philip Taron (UTC-8): Concretely, how about this:

  • The version gets bumped (probably in Cargo.toml) with a PR
    • This can either happen manually if somebody remembers
    • Otherwise a bot will automatically do that with a PR that just does the version bump
  • A separate workflow, triggered on main branch pushes, takes care to do the release whenever the version gets bumped
23:39:22
@infinisil:matrix.orginfinisil *

Philip Taron (UTC-8): Concretely, how about this:

  1. The version gets bumped (probably in Cargo.toml) with a PR

    • This can either happen manually if somebody remembers
    • Otherwise a bot will automatically do that with a PR that just does the version bump

  2. A separate workflow, triggered on main branch pushes, takes care to do the release whenever the version gets bumped

23:39:39
@infinisil:matrix.orginfinisilFor 1. we need the separate machine account, but it doesn't need any permissions because it just creates a PR. For 2. we don't need a separate machine account and can just give the workflow the permission to push a tag/release23:40:37
@infinisil:matrix.orginfinisil *

Philip Taron (UTC-8): Concretely, how about this:

  1. The version gets bumped (probably in Cargo.toml) with a PR
    • This can either happen manually if somebody remembers
    • Otherwise a bot will automatically do that regularly with a PR that just does the version bump
  2. A separate workflow, triggered on main branch pushes, takes care to do the release whenever the version gets bumped
23:42:39
@infinisil:matrix.orginfinisilSo yes, separate machine account needed for both release bump PRs and dependency bump PRs23:43:28
@infinisil:matrix.orginfinisilMaybe that should be the same PR actually23:43:40
@federicodschonborn:matrix.org@federicodschonborn:matrix.org joined the room.23:48:29
@philiptaron:matrix.orgPhilip Taron (UTC-8)
In reply to @infinisil:matrix.org
Maybe that should be the same PR actually
That's a fine idea. 		23:49:04
21 Mar 2024
@infinisil:matrix.orginfinisil Philip Taron (UTC-8): Just opened https://github.com/NixOS/nixpkgs-check-by-name/pull/15 to hopefully fix the automated updates 00:40:38
@rhys:memes.nzRhys joined the room.02:19:45
@infinisil:matrix.orginfinisilAnd automated releases: https://github.com/NixOS/nixpkgs-check-by-name/pull/16 :)03:37:53
@infinisil:matrix.orginfinisilBed time for me now though o/03:38:06
@aloisw:kde.org@aloisw:kde.org joined the room.08:43:47
@mjolnir:nixos.orgNixOS Moderation Botchanged room power levels.18:03:15

Show newer messages

Back to Room ListRoom Version: 9