From 42dd398574927d91512de1179902248042a16820 Mon Sep 17 00:00:00 2001
From: Wolfgang Walther <walther@technowledgy.de>
Date: Wed, 8 Jan 2025 22:01:14 +0100
Subject: [PATCH 1/3] workflows: avoid running jobs when editing title etc.

We intend to use the edited event to react to base branch changes - but
before this change, we also ran those jobs on simple edits like title or
description.

While this works for some of the quicker jobs, it will not be
sustainable for all evaluation-related jobs. But evaluation needs to be
re-triggered on a base branch change as well, thus this change.
---
 .github/workflows/check-nix-format.yml |  2 +-
 .github/workflows/check-nixf-tidy.yml  |  2 +-
 .github/workflows/codeowners-v2.yml    |  3 +-
 .github/workflows/edited-base.yml      | 39 ++++++++++++++++++++++++++
 .github/workflows/edited.yml           | 25 +++++++++++++++++
 .github/workflows/labels.yml           |  2 +-
 .github/workflows/nixpkgs-vet.yml      |  6 +---
 .github/workflows/no-channel.yml       |  5 ++--
 8 files changed, 72 insertions(+), 12 deletions(-)
 create mode 100644 .github/workflows/edited-base.yml
 create mode 100644 .github/workflows/edited.yml

diff --git a/.github/workflows/check-nix-format.yml b/.github/workflows/check-nix-format.yml
index a70e132dc459a..44ac72852a10a 100644
--- a/.github/workflows/check-nix-format.yml
+++ b/.github/workflows/check-nix-format.yml
@@ -8,7 +8,7 @@ name: Check that Nix files are formatted
 
 on:
   pull_request_target:
-    types: [opened, synchronize, reopened, edited]
+  workflow_call:
 
 permissions: {}
 
diff --git a/.github/workflows/check-nixf-tidy.yml b/.github/workflows/check-nixf-tidy.yml
index 8b148ba33bc44..5b337e4c1fa29 100644
--- a/.github/workflows/check-nixf-tidy.yml
+++ b/.github/workflows/check-nixf-tidy.yml
@@ -2,7 +2,7 @@ name: Check changed Nix files with nixf-tidy (experimental)
 
 on:
   pull_request_target:
-    types: [opened, synchronize, reopened, edited]
+  workflow_call:
 
 permissions: {}
 
diff --git a/.github/workflows/codeowners-v2.yml b/.github/workflows/codeowners-v2.yml
index 8b5267b25c630..e94087c2af59f 100644
--- a/.github/workflows/codeowners-v2.yml
+++ b/.github/workflows/codeowners-v2.yml
@@ -24,7 +24,8 @@ name: Codeowners v2
 
 on:
   pull_request_target:
-    types: [opened, ready_for_review, synchronize, reopened, edited]
+    types: [opened, ready_for_review, synchronize, reopened]
+  workflow_call:
 
 permissions: {}
 
diff --git a/.github/workflows/edited-base.yml b/.github/workflows/edited-base.yml
new file mode 100644
index 0000000000000..6259de9dfdb69
--- /dev/null
+++ b/.github/workflows/edited-base.yml
@@ -0,0 +1,39 @@
+# Instead of adding all the jobs to run on a changed base to "edited.yml", we use this intermediate layer.
+# This will make it, that in the case of editing the title or description, there will only be a single skipped job
+# appearing in the checks list, instead of all the jobs below cluttering the output.
+
+name: "Edited Base"
+
+on:
+  workflow_call:
+
+permissions: {}
+
+jobs:
+  check-nix-format:
+    name: Check that Nix files are formatted
+    uses: ./.github/workflows/check-nix-format.yml
+
+  check-nixf-tidy:
+    name: Check changed Nix files with nixf-tidy (experimental)
+    uses: ./.github/workflows/check-nixf-tidy.yml
+
+  codeowners-v2:
+    name: Codeowners v2
+    uses: ./.github/workflows/codeowners-v2.yml
+
+  labels:
+    name: Label PR
+    uses: ./.github/workflows/labels.yml
+    permissions:
+      contents: read
+      pull-requests: write
+
+  nixpkgs-vet:
+    name: Vet nixpkgs
+    uses: ./.github/workflows/nixpkgs-vet.yml
+
+  no-channel:
+    name: No channel PR
+    if: startsWith(github.event.pull_request.base.ref, 'nixos-') || startsWith(github.event.pull_request.base.ref, 'nixpkgs-')
+    uses: ./.github/workflows/no-channel.yml
diff --git a/.github/workflows/edited.yml b/.github/workflows/edited.yml
new file mode 100644
index 0000000000000..c2f5361869af1
--- /dev/null
+++ b/.github/workflows/edited.yml
@@ -0,0 +1,25 @@
+# Some workflows depend on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`.
+# Instead it causes an `edited` event.
+# Since `edited` is also triggered when PR title/body is changed, we use this wrapper workflow, to run the other workflows conditionally only.
+# There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058
+#
+# Instead of adding this to each workflow's pull_request_target event, we trigger this in a separate workflow.
+# This has the advantage, that we can actually skip running those jobs for simple edits like changing the title or description.
+
+name: "Edited"
+
+on:
+  pull_request_target:
+    types: [edited]
+
+permissions: {}
+
+jobs:
+  base:
+    name: Base
+    if: github.event.changes.base.ref.from && github.event.changes.base.ref.from != github.event.pull_request.base.ref
+    uses: ./.github/workflows/edited-base.yml
+    # Currently needed downstream for labels.yml
+    permissions:
+      contents: read
+      pull-requests: write
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml
index 80a186bbfa62b..cb5e877957565 100644
--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@@ -7,7 +7,7 @@ name: "Label PR"
 
 on:
   pull_request_target:
-    types: [edited, opened, synchronize, reopened]
+  workflow_call:
 
 permissions:
   contents: read
diff --git a/.github/workflows/nixpkgs-vet.yml b/.github/workflows/nixpkgs-vet.yml
index 0b2f4e1c96d36..96e2a09add92f 100644
--- a/.github/workflows/nixpkgs-vet.yml
+++ b/.github/workflows/nixpkgs-vet.yml
@@ -7,11 +7,7 @@ name: Vet nixpkgs
 
 on:
   pull_request_target:
-    # This workflow depends on the base branch of the PR, but changing the base branch is not included in the default trigger events, which would be `opened`, `synchronize` or `reopened`.
-    # Instead it causes an `edited` event, so we need to add it explicitly here.
-    # While `edited` is also triggered when the PR title/body is changed, this PR action is fairly quick, and PRs don't get edited **that** often, so it shouldn't be a problem.
-    # There is a feature request for adding a `base_changed` event: https://github.com/orgs/community/discussions/35058
-    types: [opened, synchronize, reopened, edited]
+  workflow_call:
 
 permissions: {}
 
diff --git a/.github/workflows/no-channel.yml b/.github/workflows/no-channel.yml
index acaa937ad9360..d1e30bdb43ab7 100644
--- a/.github/workflows/no-channel.yml
+++ b/.github/workflows/no-channel.yml
@@ -2,17 +2,16 @@ name: "No channel PR"
 
 on:
   pull_request_target:
-    # Re-run should be triggered when the base branch is updated, instead of silently failing
-    types: [opened, synchronize, reopened, edited]
     branches:
       - 'nixos-**'
       - 'nixpkgs-**'
+  workflow_call:
 
 permissions: {}
 
 jobs:
   fail:
-    name: "This PR is is targeting a channel branch"
+    name: "This PR is targeting a channel branch"
     runs-on: ubuntu-24.04
     steps:
       - run: |

From 6c24f438fe632875f18ca0ba6880fa35cd654f90 Mon Sep 17 00:00:00 2001
From: Wolfgang Walther <walther@technowledgy.de>
Date: Thu, 9 Jan 2025 21:21:26 +0100
Subject: [PATCH 2/3] workflows/eval: run when base branch changed

When the base branch changes, we need to run full eval again, because
the changed output paths depend on the base branch.
---
 .github/workflows/edited-base.yml | 4 ++++
 .github/workflows/eval.yml        | 1 +
 2 files changed, 5 insertions(+)

diff --git a/.github/workflows/edited-base.yml b/.github/workflows/edited-base.yml
index 6259de9dfdb69..05b717c910758 100644
--- a/.github/workflows/edited-base.yml
+++ b/.github/workflows/edited-base.yml
@@ -22,6 +22,10 @@ jobs:
     name: Codeowners v2
     uses: ./.github/workflows/codeowners-v2.yml
 
+  eval:
+    name: Eval
+    uses: ./.github/workflows/eval.yml
+
   labels:
     name: Label PR
     uses: ./.github/workflows/labels.yml
diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml
index 273b2e2a05215..4df701dd0deb0 100644
--- a/.github/workflows/eval.yml
+++ b/.github/workflows/eval.yml
@@ -2,6 +2,7 @@ name: Eval
 
 on:
   pull_request_target:
+  workflow_call:
   push:
     # Keep this synced with ci/request-reviews/dev-branches.txt
     branches:

From c765b6ce2b8c15280c4eb2482419c3d2fba28df3 Mon Sep 17 00:00:00 2001
From: Wolfgang Walther <walther@technowledgy.de>
Date: Thu, 9 Jan 2025 21:28:31 +0100
Subject: [PATCH 3/3] workflows/eval: no maintainer reviews in draft mode

---
 .github/workflows/eval.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml
index 4df701dd0deb0..a3d59a8ccb730 100644
--- a/.github/workflows/eval.yml
+++ b/.github/workflows/eval.yml
@@ -2,6 +2,7 @@ name: Eval
 
 on:
   pull_request_target:
+    types: [opened, ready_for_review, synchronize, reopened]
   workflow_call:
   push:
     # Keep this synced with ci/request-reviews/dev-branches.txt
@@ -335,3 +336,5 @@ jobs:
           REPOSITORY: ${{ github.repository }}
           NUMBER: ${{ github.event.number }}
           AUTHOR: ${{ github.event.pull_request.user.login }}
+          # Don't request reviewers on draft PRs
+          DRY_MODE: ${{ github.event.pull_request.draft && '1' || '' }}