Skip to content

Commit

Permalink
Merge pull request #33 from DeterminateSystems/cel-conditions
Browse files Browse the repository at this point in the history
Add support for CEL conditions
  • Loading branch information
lucperkins authored Jul 9, 2024
2 parents a548f47 + 0e877e7 commit 59338ba
Show file tree
Hide file tree
Showing 5 changed files with 18 additions and 1 deletion.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ The Nix Flake Checker Action has a number of configuration parameters that you c

| Parameter | Description | Default |
| :-------------------------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | :----------- |
| `condition` | An optional Common Expression Language (CEL) condition expressing your flake policy. Supersedes all `check-*` parameters. | |
| `flake-lock-path` | The path to the `flake.lock` file you want to check. | `flake.lock` |
| `check-outdated` | Whether to check that the root Nixpkgs input is less than 30 days old. | `true` |
| `check-owner` | Whether to check that the root Nixpkgs input has the `NixOS` GitHub org as its owner. | `true` |
Expand Down
5 changes: 5 additions & 0 deletions action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,11 @@ inputs:
description: |
The path to the `flake.lock` file you want to check.
default: flake.lock
condition:
description: |
A Common Expression Language (CEL) condition expressing your flake policy.
Supersedes all `check-*` parameters.
required: false
check-outdated:
description: |
Whether to check that the root Nixpkgs input is less than 30 days old.
Expand Down
4 changes: 4 additions & 0 deletions dist/index.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion dist/index.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

7 changes: 7 additions & 0 deletions src/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import { DetSysAction, inputs } from "detsys-ts";
const EVENT_EXECUTION_FAILURE = "execution_failure";

class FlakeCheckerAction extends DetSysAction {
condition: string | null;
flakeLockPath: string;
nixpkgsKeys: string;
checkOutdated: boolean;
Expand All @@ -23,6 +24,7 @@ class FlakeCheckerAction extends DetSysAction {
requireNix: "ignore",
});

this.condition = inputs.getStringOrNull("condition");
this.flakeLockPath = inputs.getString("flake-lock-path");
this.nixpkgsKeys = inputs.getString("nixpkgs-keys");
this.checkOutdated = inputs.getBool("check-outdated");
Expand Down Expand Up @@ -72,6 +74,10 @@ class FlakeCheckerAction extends DetSysAction {
executionEnv.NIX_FLAKE_CHECKER_FLAKE_LOCK_PATH = this.flakeLockPath;
executionEnv.NIX_FLAKE_CHECKER_NIXPKGS_KEYS = this.nixpkgsKeys;

if (this.condition) {
executionEnv.NIX_FLAKE_CHECKER_CONDITION = this.condition;
}

if (!this.sendStatistics) {
executionEnv.NIX_FLAKE_CHECKER_NO_TELEMETRY = "false";
}
Expand Down Expand Up @@ -103,6 +109,7 @@ class FlakeCheckerAction extends DetSysAction {
type ExecutionEnvironment = {
// All env vars are strings, no fanciness here.
RUST_BACKTRACE?: string;
NIX_FLAKE_CHECKER_CONDITION?: string;
NIX_FLAKE_CHECKER_FLAKE_LOCK_PATH?: string;
NIX_FLAKE_CHECKER_NIXPKGS_KEYS?: string;
NIX_FLAKE_CHECKER_NO_TELEMETRY?: string;
Expand Down

0 comments on commit 59338ba

Please sign in to comment.