Original commit from https://github.com/NixOS/nixpkgs/pull/282226,
message:
Running CI locally is broken becauses the `-I` argument:
- Clobbers $NIX_PATH
- Is wrong for two reasons:
- Has too many `..` elements, relative to the script's location
- Isn't relative to the script's location (as with *.nix files),
since shell scripts and POSIX in general interpret paths
relative to the current working directory, not the canonical
path of argv[0]
- Is inconsistent, since this script has symlinks pointing at it
from different depths in the repository
There is no way to set this flag statically in a way that will work
everywhere. The caller needs to use $NIX_PATH, or the script needs
to take the `-I` value as an argument.
This commit deletes the static `-I` flag.
Since https://github.com/NixOS/nixpkgs/pull/281374, the
nixpkgs-check-by-name tooling is pinned to a specific /nix/store path to
avoid having to evaluate Nixpkgs in CI.
The same path is used for local runs, but that doesn't actually work
when you're trying to run it on a platform different from CI.
This commit makes it work by being clearer about platforms and making
local runs check out the correct Nixpkgs to evaluate the tool from.
Before this, the tool for CI would update when nixos-unstable updated,
which is kind of terrible because you don't know when it happens, and it
might break master.
In fact, the tooling _right now_ has a serious bug and shouldn't be used!
This PR addresses this by _pinning_ the tooling in Nixpkgs itself.
Updating the tooling now requires two PRs:
- The first PR to update the tooling source
- (wait for Hydra to build and publish it in nixos-unstable)
- The second PR to update the pinned tooling
In turn you know exactly when the changes are going to take effect.
This change however has additional benefits:
- It makes CI more reproducible, because it doesn't depend on the state
of nixos-unstable anymore
- Updates to the tooling can be tested with the workflow itself,
because PRs that update the pinned tool will be tested on the updated
version
- CI gets a sizable speed boost, because there's no need to download and
evaluate a channel anymore
- It makes it more realistic to move the source of the tool into a
separate repository
- It removes the brittle branch-specific logic that was previously
needed to ensure that release branches use their own version of the
tooling.
Due to the check soon depending on the base branch (see `--base`),
the CI check can't reasonably share all code with a local check.
We can still make a script to run it locally, just not sharing all code.