uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948 this can do it nicely. Signed-off-by: Anton Arapov <anton@deadbeef.mx>
2021-04-03 12:58:10 +02:00 · 2021-04-03 12:58:10 +02:00 · 56de2bcd43
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
--- a/.github/workflows/backport.yml
+++ b/.github/workflows/backport.yml
@ -0,0 +1,35 @@
+name: Backport
+on:
+  pull_request_target:
+    types: [closed, labeled]
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows write access to
+# the GitHub repository. This means that it should not evaluate user input in a
+# way that allows code injection.
+
+jobs:
+  backport:
+    name: Backport Pull Request
+    if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # required to find all branches
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Create backport PRs
+        # should be kept in sync with `version`
+        uses: zeebe-io/backport-action@v0.0.5
+        with:
+          # Config README: https://github.com/zeebe-io/backport-action#backport-action
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          github_workspace: ${{ github.workspace }}
+          # should be kept in sync with `uses`
+          version: v0.0.5
+          pull_description: |-
+            Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.
+
+            * [ ] Before merging, ensure that this backport complies with the [Criteria for Backporting](https://github.com/NixOS/nixpkgs/blob/master/CONTRIBUTING.md#criteria-for-backporting-changes).
+              * Even as a non-commiter, if you find that it does not comply, leave a comment.
--- a/.github/workflows/basic-eval.yml
+++ b/.github/workflows/basic-eval.yml
@ -0,0 +1,26 @@
+name: Basic evaluation checks
+
+on:
+  workflow_dispatch
+  # pull_request:
+  #   branches:
+  #    - master
+  #    - release-**
+  # push:
+  #   branches:
+  #    - master
+  #    - release-**
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    # we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback
+    steps:
+    - uses: actions/checkout@v3
+    - uses: cachix/install-nix-action@v17
+    - uses: cachix/cachix-action@v10
+      with:
+        # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+        name: nixpkgs-ci
+        signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+    # explicit list of supportedSystems is needed until aarch64-darwin becomes part of the trunk jobset
+    - run: nix-build pkgs/top-level/release.nix -A tarball.nixpkgs-basic-release-checks --arg supportedSystems '[ "aarch64-darwin" "aarch64-linux" "x86_64-linux" "x86_64-darwin"  ]'
--- a/.github/workflows/direct-push.yml
+++ b/.github/workflows/direct-push.yml
@ -0,0 +1,32 @@
+name: "Direct Push Warning"
+on:
+  push:
+    branches:
+     - master
+     - release-**
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    env:
+      GITHUB_SHA: ${{ github.sha }}
+      GITHUB_REPOSITORY: ${{ github.repository }}
+    steps:
+    - name: Check if commit is a merge commit
+      id: ismerge
+      run: |
+        ISMERGE=$(curl -H 'Accept: application/vnd.github.groot-preview+json' -H "authorization: Bearer ${{ secrets.GITHUB_TOKEN }}" https://api.github.com/repos/${{ env.GITHUB_REPOSITORY }}/commits/${{ env.GITHUB_SHA }}/pulls | jq -r '.[] | select(.merge_commit_sha == "${{ env.GITHUB_SHA }}") | any')
+        echo "::set-output name=ismerge::$ISMERGE"
+    # github events are eventually consistent, so wait until changes propagate to thier DB
+    - run: sleep 60
+      if: steps.ismerge.outputs.ismerge != 'true'
+    - name: Warn if the commit was a direct push
+      if: steps.ismerge.outputs.ismerge != 'true'
+      uses: peter-evans/commit-comment@v2
+      with:
+        body: |
+          @${{ github.actor }}, you pushed a commit directly to master/release branch
+          instead of going through a Pull Request.
+
+          That's highly discouraged beyond the few exceptions listed
+          on https://github.com/NixOS/nixpkgs/issues/118661
--- a/.github/workflows/editorconfig.yml
+++ b/.github/workflows/editorconfig.yml
@ -0,0 +1,43 @@
+name: "Checking EditorConfig"
+
+permissions: read-all
+
+on:
+  # avoids approving first time contributors
+  pull_request_target:
+    branches-ignore:
+      - 'release-**'
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    if: "github.repository_owner == 'NixOS' && !contains(github.event.pull_request.title, '[skip editorconfig]')"
+    steps:
+    - name: Get list of changed files from PR
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        gh api \
+          repos/NixOS/nixpkgs/pulls/${{github.event.number}}/files --paginate \
+          | jq '.[] | select(.status != "removed") | .filename' \
+          > "$HOME/changed_files"
+    - name: print list of changed files
+      run: |
+        cat "$HOME/changed_files"
+    - uses: actions/checkout@v3
+      with:
+        # pull_request_target checks out the base branch by default
+        ref: refs/pull/${{ github.event.pull_request.number }}/merge
+    - uses: cachix/install-nix-action@v17
+      with:
+        # nixpkgs commit is pinned so that it doesn't break
+        # editorconfig-checker 2.4.0
+        nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/c473cc8714710179df205b153f4e9fa007107ff9.tar.gz
+    - name: install editorconfig-checker
+      run: nix-env -iA editorconfig-checker -f '<nixpkgs>'
+    - name: Checking EditorConfig
+      run: |
+        cat "$HOME/changed_files" | xargs -r editorconfig-checker -disable-indent-size
+    - if: ${{ failure() }}
+      run: |
+        echo "::error :: Hey! It looks like your changes don't follow our editorconfig settings. Read https://editorconfig.org/#download to configure your editor so you never see this error again."
--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@ -0,0 +1,24 @@
+name: "Label PR"
+
+on:
+  pull_request_target:
+    types: [edited, opened, synchronize, reopened]
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows some write
+# access to the GitHub API. This means that it should not evaluate user input in
+# a way that allows code injection.
+
+permissions:
+  contents: read
+  pull-requests: write
+
+jobs:
+  labels:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+    - uses: actions/labeler@v4
+      with:
+        repo-token: ${{ secrets.GITHUB_TOKEN }}
+        sync-labels: true
--- a/.github/workflows/manual-nixos.yml
+++ b/.github/workflows/manual-nixos.yml
@ -0,0 +1,31 @@
+name: "Build NixOS manual"
+
+permissions: read-all
+
+on:
+  pull_request_target:
+    branches:
+      - master
+    paths:
+      - 'nixos/**'
+
+jobs:
+  nixos:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # pull_request_target checks out the base branch by default
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+      - uses: cachix/install-nix-action@v17
+        with:
+          # explicitly enable sandbox
+          extra_nix_config: sandbox = true
+      - uses: cachix/cachix-action@v10
+        with:
+          # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+          name: nixpkgs-ci
+          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+      - name: Building NixOS manual
+        run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true nixos/release.nix -A manual.x86_64-linux
--- a/.github/workflows/manual-nixpkgs.yml
+++ b/.github/workflows/manual-nixpkgs.yml
@ -0,0 +1,31 @@
+name: "Build Nixpkgs manual"
+
+permissions: read-all
+
+on:
+  pull_request_target:
+    branches:
+      - master
+    paths:
+      - 'doc/**'
+
+jobs:
+  nixpkgs:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # pull_request_target checks out the base branch by default
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+      - uses: cachix/install-nix-action@v17
+        with:
+          # explicitly enable sandbox
+          extra_nix_config: sandbox = true
+      - uses: cachix/cachix-action@v10
+        with:
+          # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere.
+          name: nixpkgs-ci
+          signingKey: '${{ secrets.CACHIX_SIGNING_KEY }}'
+      - name: Building Nixpkgs manual
+        run: NIX_PATH=nixpkgs=$(pwd) nix-build --option restrict-eval true pkgs/top-level/release.nix -A manual
--- a/.github/workflows/nixos-manual.yml
+++ b/.github/workflows/nixos-manual.yml
@ -0,0 +1,26 @@
+name: NixOS manual checks
+
+permissions: read-all
+
+on:
+  pull_request_target:
+    branches-ignore:
+      - 'release-**'
+    paths:
+      - 'nixos/**/*.xml'
+      - 'nixos/**/*.md'
+
+jobs:
+  tests:
+    runs-on: ubuntu-latest
+    if: github.repository_owner == 'NixOS'
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        # pull_request_target checks out the base branch by default
+        ref: refs/pull/${{ github.event.pull_request.number }}/merge
+    - uses: cachix/install-nix-action@v17
+    - name: Check DocBook files generated from Markdown are consistent
+      run: |
+        nixos/doc/manual/md-to-db.sh
+        git diff --exit-code
--- a/.github/workflows/no-channel.yml
+++ b/.github/workflows/no-channel.yml
@ -0,0 +1,21 @@
+name: "No channel PR"
+
+on:
+  pull_request:
+    branches:
+      - 'nixos-**'
+      - 'nixpkgs-**'
+
+jobs:
+  fail:
+    name: "This PR is is targeting a channel branch"
+    runs-on: ubuntu-latest
+    steps:
+    - run: |
+        cat <<EOF
+        The nixos-* and nixpkgs-* branches are pushed to by the channel
+        release script and should not be merged into directly.
+
+        Please target the equivalent release-* branch or master instead.
+        EOF
+        exit 1
--- a/.github/workflows/pending-clear.yml
+++ b/.github/workflows/pending-clear.yml
@ -0,0 +1,21 @@
+name: "clear pending status"
+
+on:
+  check_suite:
+    types: [ completed ]
+
+jobs:
+  action:
+    runs-on: ubuntu-latest
+    steps:
+    - name: clear pending status
+      if: github.repository_owner == 'NixOS' && github.event.check_suite.app.name == 'OfBorg'
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        curl \
+          -X POST \
+          -H "Accept: application/vnd.github.v3+json" \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -d '{"state": "success", "target_url": " ", "description": " ", "context": "Wait for ofborg"}' \
+          "https://api.github.com/repos/NixOS/nixpkgs/statuses/${{ github.event.check_suite.head_sha }}"
--- a/.github/workflows/pending-set.yml
+++ b/.github/workflows/pending-set.yml
@ -0,0 +1,25 @@
+name: "set pending status"
+
+on:
+  pull_request_target:
+
+# WARNING:
+# When extending this action, be aware that $GITHUB_TOKEN allows write access to
+# the GitHub repository. This means that it should not evaluate user input in a
+# way that allows code injection.
+
+jobs:
+  action:
+    runs-on: ubuntu-latest
+    steps:
+    - name: set pending status
+      if: github.repository_owner == 'NixOS'
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        curl \
+          -X POST \
+          -H "Accept: application/vnd.github.v3+json" \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -d '{"state": "pending", "target_url": " ", "description": "This pending status will be cleared when ofborg starts eval.", "context": "Wait for ofborg"}' \
+          "https://api.github.com/repos/NixOS/nixpkgs/statuses/${{ github.event.pull_request.head.sha }}"
--- a/.github/workflows/periodic-merge-24h.yml
+++ b/.github/workflows/periodic-merge-24h.yml
@ -0,0 +1,57 @@
+# This action periodically merges base branches into staging branches.
+# This is done to
+#  * prevent conflicts or rather resolve them early
+#  * make all potential breakage happen on the staging branch
+#  * and make sure that all major rebuilds happen before the staging
+#    branch get’s merged back into its base branch.
+
+name: "Periodic Merges (24h)"
+
+
+on:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    # Merge every 24 hours
+    - cron:  '0 0 * * *'
+
+jobs:
+  periodic-merge:
+    if: github.repository_owner == 'NixOS'
+    runs-on: ubuntu-latest
+    strategy:
+      # don't fail fast, so that all pairs are tried
+      fail-fast: false
+      # certain branches need to be merged in order, like master->staging-next->staging
+      # and disabling parallelism ensures the order of the pairs below.
+      max-parallel: 1
+      matrix:
+        pairs:
+          - from: master
+            into: haskell-updates
+          - from: release-21.11
+            into: staging-next-21.11
+          - from: staging-next-21.11
+            into: staging-21.11
+          - from: release-22.05
+            into: staging-next-22.05
+          - from: staging-next-22.05
+            into: staging-22.05
+    name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+        uses: devmasx/merge-branch@1.4.0
+        with:
+          type: now
+          from_branch: ${{ matrix.pairs.from }}
+          target_branch: ${{ matrix.pairs.into }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Comment on failure
+        uses: peter-evans/create-or-update-comment@v2
+        if: ${{ failure() }}
+        with:
+          issue-number: 105153
+          body: |
+            Periodic merge from `${{ matrix.pairs.from }}` into `${{ matrix.pairs.into }}` has [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
--- a/.github/workflows/periodic-merge-6h.yml
+++ b/.github/workflows/periodic-merge-6h.yml
@ -0,0 +1,51 @@
+# This action periodically merges base branches into staging branches.
+# This is done to
+#  * prevent conflicts or rather resolve them early
+#  * make all potential breakage happen on the staging branch
+#  * and make sure that all major rebuilds happen before the staging
+#    branch get’s merged back into its base branch.
+
+name: "Periodic Merges (6h)"
+
+
+on:
+  schedule:
+    # * is a special character in YAML so you have to quote this string
+    # Merge every 6 hours
+    - cron:  '0 */6 * * *'
+
+jobs:
+  periodic-merge:
+    if: github.repository_owner == 'NixOS'
+    runs-on: ubuntu-latest
+    strategy:
+      # don't fail fast, so that all pairs are tried
+      fail-fast: false
+      # certain branches need to be merged in order, like master->staging-next->staging
+      # and disabling parallelism ensures the order of the pairs below.
+      max-parallel: 1
+      matrix:
+        pairs:
+          - from: master
+            into: staging-next
+          - from: staging-next
+            into: staging
+    name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
+        uses: devmasx/merge-branch@1.4.0
+        with:
+          type: now
+          from_branch: ${{ matrix.pairs.from }}
+          target_branch: ${{ matrix.pairs.into }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Comment on failure
+        uses: peter-evans/create-or-update-comment@v2
+        if: ${{ failure() }}
+        with:
+          issue-number: 105153
+          body: |
+            Periodic merge from `${{ matrix.pairs.from }}` into `${{ matrix.pairs.into }}` has [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
--- a/.github/workflows/update-terraform-providers.yml
+++ b/.github/workflows/update-terraform-providers.yml
@ -0,0 +1,48 @@
+name: "Update terraform-providers"
+
+on:
+  schedule:
+    - cron: "14 3 * * 1"
+  workflow_dispatch:
+
+jobs:
+  tf-providers:
+    if: github.repository_owner == 'NixOS' && github.ref == 'refs/heads/master' # ensure workflow_dispatch only runs on master
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: cachix/install-nix-action@v17
+      - name: setup
+        id: setup
+        run: |
+          echo ::set-output name=title::"terraform-providers: update $(date -u +"%Y-%m-%d")"
+      - name: update terraform-providers
+        run: |
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config user.name "github-actions[bot]"
+          pushd pkgs/applications/networking/cluster/terraform-providers
+          ./update-all-providers --no-build
+          git commit -m "${{ steps.setup.outputs.title }}" providers.json
+          popd
+      - name: create PR
+        uses: peter-evans/create-pull-request@v4
+        with:
+          body: |
+            Automatic update by [update-terraform-providers](https://github.com/NixOS/nixpkgs/blob/master/.github/workflows/update-terraform-providers.yml) action.
+
+            Check that all providers build with:
+            ```
+            @ofborg build terraform-full
+            ```
+          branch: terraform-providers-update
+          delete-branch: false
+          labels: "2.status: work-in-progress"
+          title: ${{ steps.setup.outputs.title }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - name: comment on failure
+        uses: peter-evans/create-or-update-comment@v2
+        if: ${{ failure() }}
+        with:
+          issue-number: 153416
+          body: |
+            Automatic update of terraform providers [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).