From a8559d0a9fadc9b4b720e2219af8c12403bccaa5 Mon Sep 17 00:00:00 2001 From: Terje Larsen Date: Tue, 7 Apr 2026 09:13:47 +0200 Subject: [PATCH 1/3] feat(job): guard backend generators with per-backend enable --- module/jobs/default.nix | 6 ++-- module/jobs/github-actions/default.nix | 2 +- module/jobs/job/github-actions.nix | 32 +++++++++--------- module/jobs/job/gitlab-ci.nix | 4 +-- module/jobs/job/interface.nix | 46 ++++++++++++++++++++++++-- module/jobs/job/process-compose.nix | 4 +-- 6 files changed, 69 insertions(+), 25 deletions(-) diff --git a/module/jobs/default.nix b/module/jobs/default.nix index 382fd07..4ffa034 100644 --- a/module/jobs/default.nix +++ b/module/jobs/default.nix @@ -12,11 +12,13 @@ in config.pipeline = { gitlab-ci.settings = lib.mapAttrs' (name: job: { name = config.pipeline.gitlab-ci.transformJobName name; - value = job.gitlab-ci; + value = lib.filterAttrs (n: _: n != "enable") job.gitlab-ci; }) enabledJobs; process-compose.settings = { - processes = lib.mapAttrs (_: job: job.process-compose) enabledJobs; + processes = lib.mapAttrs ( + _: job: lib.filterAttrs (n: _: n != "enable") job.process-compose + ) enabledJobs; }; }; } diff --git a/module/jobs/github-actions/default.nix b/module/jobs/github-actions/default.nix index e947f03..a2c975b 100644 --- a/module/jobs/github-actions/default.nix +++ b/module/jobs/github-actions/default.nix @@ -31,7 +31,7 @@ in (lib.mapAttrs' (name: job: { name = config.pipeline.github-actions.transformJobName name; - value = job.github-actions; + value = lib.filterAttrs (n: _: n != "enable") job.github-actions; }) enabledJobs) ]; } diff --git a/module/jobs/job/github-actions.nix b/module/jobs/job/github-actions.nix index 39c4bc8..8e3395e 100644 --- a/module/jobs/job/github-actions.nix +++ b/module/jobs/job/github-actions.nix @@ -11,27 +11,29 @@ let inherit (rootConfig.pipeline.github-actions) defaultRunsOn transformJobName checkoutAction; needs = lib.pipe config.needs [ - (builtins.filter (need: jobs.${need.job}.enable)) + (builtins.filter (need: jobs.${need.job}.enable && jobs.${need.job}.github-actions.enable)) (builtins.catAttrs "job") (map transformJobName) ]; in { - config.github-actions = lib.mkMerge [ - { - needs = lib.mkIf (needs != [ ]) needs; + config.github-actions = lib.mkIf config.enable ( + lib.mkMerge [ + { + needs = lib.mkIf (needs != [ ]) needs; - runs-on = lib.mkIf (defaultRunsOn != null) (lib.mkDefault defaultRunsOn); + runs-on = lib.mkIf (defaultRunsOn != null) (lib.mkDefault defaultRunsOn); - steps = lib.mkMerge [ - (lib.mkIf config.checkout (lib.mkBefore [ { uses = checkoutAction; } ])) - (lib.mkAfter (map (command: { run = command; }) config.commands)) - ]; - } + steps = lib.mkMerge [ + (lib.mkIf config.checkout (lib.mkBefore [ { uses = checkoutAction; } ])) + (lib.mkAfter (map (command: { run = command; }) config.commands)) + ]; + } - (lib.mkIf ((config.branches.default.changes.paths or [ ]) != [ ]) { - needs = [ "changes" ]; - "if" = "\${{ fromJSON(needs.changes.outputs.changes)['${name}'] == true }}"; - }) - ]; + (lib.mkIf ((config.branches.default.changes.paths or [ ]) != [ ]) { + needs = [ "changes" ]; + "if" = "\${{ fromJSON(needs.changes.outputs.changes)['${name}'] == true }}"; + }) + ] + ); } diff --git a/module/jobs/job/gitlab-ci.nix b/module/jobs/job/gitlab-ci.nix index 312793c..e57143d 100644 --- a/module/jobs/job/gitlab-ci.nix +++ b/module/jobs/job/gitlab-ci.nix @@ -10,13 +10,13 @@ let inherit (rootConfig.pipeline.gitlab-ci) defaultStage transformJobName; needs = lib.pipe config.needs [ - (builtins.filter (need: jobs.${need.job}.enable)) + (builtins.filter (need: jobs.${need.job}.enable && jobs.${need.job}.gitlab-ci.enable)) (map (need: need // { job = transformJobName need.job; })) ]; triggersBranchConfig = map (job: jobs.${job}.branches) config.triggers; in { - config.gitlab-ci = { + config.gitlab-ci = lib.mkIf config.enable { stage = lib.mkIf (defaultStage != null) (lib.mkDefault defaultStage); needs = lib.mkIf (needs != [ ]) needs; diff --git a/module/jobs/job/interface.nix b/module/jobs/job/interface.nix index 462eb41..8c13265 100644 --- a/module/jobs/job/interface.nix +++ b/module/jobs/job/interface.nix @@ -2,6 +2,7 @@ lib, name, rootConfig, + config, ... }: @@ -131,19 +132,58 @@ in }; github-actions = lib.mkOption { - type = rootConfig.types.yamlType; + type = types.submoduleWith { + modules = [ + { + options = { + enable = lib.mkOption { + type = types.bool; + default = config.enable; + description = "Whether the job is enabled for GitHub Actions."; + }; + }; + config._module.freeformType = rootConfig.types.yamlType; + } + ]; + }; default = { }; description = "Job configuration targeting GitHub Actions."; }; gitlab-ci = lib.mkOption { - type = rootConfig.types.yamlType; + type = types.submoduleWith { + modules = [ + { + options = { + enable = lib.mkOption { + type = types.bool; + default = config.enable; + description = "Whether the job is enabled for GitLab CI."; + }; + }; + config._module.freeformType = rootConfig.types.yamlType; + } + ]; + }; default = { }; description = "Job configuration targeting GitLab CI."; }; process-compose = lib.mkOption { - type = types.deferredModule; + type = types.submoduleWith { + modules = [ + { + options = { + enable = lib.mkOption { + type = types.bool; + default = config.enable; + description = "Whether the job is enabled for process-compose."; + }; + }; + config._module.freeformType = types.deferredModule; + } + ]; + }; default = { }; description = "Job configuration targeting process-compose."; }; diff --git a/module/jobs/job/process-compose.nix b/module/jobs/job/process-compose.nix index b17c24b..f90acd8 100644 --- a/module/jobs/job/process-compose.nix +++ b/module/jobs/job/process-compose.nix @@ -9,7 +9,7 @@ let inherit (rootConfig) jobs; depends_on = lib.pipe config.needs [ - (builtins.filter (need: jobs.${need.job}.enable)) + (builtins.filter (need: jobs.${need.job}.enable && jobs.${need.job}.process-compose.enable)) (builtins.catAttrs "job") (lib.flip lib.genAttrs (_: { condition = "process_completed_successfully"; @@ -19,7 +19,7 @@ in { imports = [ ./interface.nix ]; - config.process-compose = { + config.process-compose = lib.mkIf config.enable { inherit depends_on; command = builtins.concatStringsSep "\n" config.commands; From b9d3e3bd056d1fe49154a6dfa60643a74c549191 Mon Sep 17 00:00:00 2001 From: Terje Larsen Date: Tue, 7 Apr 2026 09:29:40 +0200 Subject: [PATCH 2/3] feat(job): add per-backend enable options with filtering --- module/jobs/default.nix | 13 +++--- module/jobs/github-actions/default.nix | 4 +- module/jobs/job/github-actions.nix | 30 ++++++------ module/jobs/job/gitlab-ci.nix | 2 +- module/jobs/job/interface.nix | 6 +-- module/jobs/job/process-compose.nix | 2 +- module/tests/github-actions/job.nix | 64 ++++++++++++++++++++++++++ module/tests/gitlab-ci/job.nix | 51 ++++++++++++++++++++ 8 files changed, 143 insertions(+), 29 deletions(-) diff --git a/module/jobs/default.nix b/module/jobs/default.nix index 4ffa034..67a2a23 100644 --- a/module/jobs/default.nix +++ b/module/jobs/default.nix @@ -1,7 +1,8 @@ { lib, config, ... }: let - enabledJobs = lib.filterAttrs (_: builtins.getAttr "enable") config.jobs; + enabledForBackend = + backend: lib.filterAttrs (_: job: job.enable && job.${backend}.enable) config.jobs; in { imports = [ @@ -12,13 +13,13 @@ in config.pipeline = { gitlab-ci.settings = lib.mapAttrs' (name: job: { name = config.pipeline.gitlab-ci.transformJobName name; - value = lib.filterAttrs (n: _: n != "enable") job.gitlab-ci; - }) enabledJobs; + value = builtins.removeAttrs job.gitlab-ci [ "enable" ]; + }) (enabledForBackend "gitlab-ci"); process-compose.settings = { - processes = lib.mapAttrs ( - _: job: lib.filterAttrs (n: _: n != "enable") job.process-compose - ) enabledJobs; + processes = lib.mapAttrs (_: job: builtins.removeAttrs job.process-compose [ "enable" ]) ( + enabledForBackend "process-compose" + ); }; }; } diff --git a/module/jobs/github-actions/default.nix b/module/jobs/github-actions/default.nix index a2c975b..56acab4 100644 --- a/module/jobs/github-actions/default.nix +++ b/module/jobs/github-actions/default.nix @@ -2,7 +2,7 @@ let inherit (config.pipeline.github-actions) checkoutAction; - enabledJobs = lib.filterAttrs (_: builtins.getAttr "enable") config.jobs; + enabledJobs = lib.filterAttrs (_: job: job.enable && job.github-actions.enable) config.jobs; changes = lib.pipe enabledJobs [ (builtins.mapAttrs (_: job: job.branches.default.changes.paths or [ ])) @@ -31,7 +31,7 @@ in (lib.mapAttrs' (name: job: { name = config.pipeline.github-actions.transformJobName name; - value = lib.filterAttrs (n: _: n != "enable") job.github-actions; + value = builtins.removeAttrs job.github-actions [ "enable" ]; }) enabledJobs) ]; } diff --git a/module/jobs/job/github-actions.nix b/module/jobs/job/github-actions.nix index 8e3395e..5c884bc 100644 --- a/module/jobs/job/github-actions.nix +++ b/module/jobs/job/github-actions.nix @@ -17,23 +17,21 @@ let ]; in { - config.github-actions = lib.mkIf config.enable ( - lib.mkMerge [ - { - needs = lib.mkIf (needs != [ ]) needs; + config.github-actions = lib.mkMerge [ + { + needs = lib.mkIf (needs != [ ]) needs; - runs-on = lib.mkIf (defaultRunsOn != null) (lib.mkDefault defaultRunsOn); + runs-on = lib.mkIf (defaultRunsOn != null) (lib.mkDefault defaultRunsOn); - steps = lib.mkMerge [ - (lib.mkIf config.checkout (lib.mkBefore [ { uses = checkoutAction; } ])) - (lib.mkAfter (map (command: { run = command; }) config.commands)) - ]; - } + steps = lib.mkMerge [ + (lib.mkIf config.checkout (lib.mkBefore [ { uses = checkoutAction; } ])) + (lib.mkAfter (map (command: { run = command; }) config.commands)) + ]; + } - (lib.mkIf ((config.branches.default.changes.paths or [ ]) != [ ]) { - needs = [ "changes" ]; - "if" = "\${{ fromJSON(needs.changes.outputs.changes)['${name}'] == true }}"; - }) - ] - ); + (lib.mkIf ((config.branches.default.changes.paths or [ ]) != [ ]) { + needs = [ "changes" ]; + "if" = "\${{ fromJSON(needs.changes.outputs.changes)['${name}'] == true }}"; + }) + ]; } diff --git a/module/jobs/job/gitlab-ci.nix b/module/jobs/job/gitlab-ci.nix index e57143d..5e704a4 100644 --- a/module/jobs/job/gitlab-ci.nix +++ b/module/jobs/job/gitlab-ci.nix @@ -16,7 +16,7 @@ let triggersBranchConfig = map (job: jobs.${job}.branches) config.triggers; in { - config.gitlab-ci = lib.mkIf config.enable { + config.gitlab-ci = { stage = lib.mkIf (defaultStage != null) (lib.mkDefault defaultStage); needs = lib.mkIf (needs != [ ]) needs; diff --git a/module/jobs/job/interface.nix b/module/jobs/job/interface.nix index 8c13265..7c60da3 100644 --- a/module/jobs/job/interface.nix +++ b/module/jobs/job/interface.nix @@ -138,7 +138,7 @@ in options = { enable = lib.mkOption { type = types.bool; - default = config.enable; + default = true; description = "Whether the job is enabled for GitHub Actions."; }; }; @@ -157,7 +157,7 @@ in options = { enable = lib.mkOption { type = types.bool; - default = config.enable; + default = true; description = "Whether the job is enabled for GitLab CI."; }; }; @@ -176,7 +176,7 @@ in options = { enable = lib.mkOption { type = types.bool; - default = config.enable; + default = true; description = "Whether the job is enabled for process-compose."; }; }; diff --git a/module/jobs/job/process-compose.nix b/module/jobs/job/process-compose.nix index f90acd8..566f275 100644 --- a/module/jobs/job/process-compose.nix +++ b/module/jobs/job/process-compose.nix @@ -19,7 +19,7 @@ in { imports = [ ./interface.nix ]; - config.process-compose = lib.mkIf config.enable { + config.process-compose = { inherit depends_on; command = builtins.concatStringsSep "\n" config.commands; diff --git a/module/tests/github-actions/job.nix b/module/tests/github-actions/job.nix index 6340f84..fd9bcc4 100644 --- a/module/tests/github-actions/job.nix +++ b/module/tests/github-actions/job.nix @@ -230,4 +230,68 @@ }; }; }; + + test-github-actions-job-per-backend-disable = { + expr = test-lib.eval-github-actions { + pipeline.github-actions.defaultRunsOn = "ubuntu-latest"; + jobs = { + job-a = { + commands = [ "echo job-a" ]; + }; + job-b = { + commands = [ "echo job-b" ]; + github-actions.enable = false; + }; + job-c = { + commands = [ "echo job-c" ]; + needs = [ { job = "job-b"; } ]; + }; + }; + }; + expected = { + jobs = { + job-a = { + runs-on = "ubuntu-latest"; + steps = [ + { uses = "actions/checkout@v6"; } + { run = "echo job-a"; } + ]; + }; + job-c = { + runs-on = "ubuntu-latest"; + steps = [ + { uses = "actions/checkout@v6"; } + { run = "echo job-c"; } + ]; + }; + }; + }; + }; + + test-github-actions-job-global-disable-overrides-per-backend-enable = { + expr = test-lib.eval-github-actions { + pipeline.github-actions.defaultRunsOn = "ubuntu-latest"; + jobs = { + job-a = { + commands = [ "echo job-a" ]; + }; + job-b = { + commands = [ "echo job-b" ]; + enable = false; + github-actions.enable = true; + }; + }; + }; + expected = { + jobs = { + job-a = { + runs-on = "ubuntu-latest"; + steps = [ + { uses = "actions/checkout@v6"; } + { run = "echo job-a"; } + ]; + }; + }; + }; + }; } diff --git a/module/tests/gitlab-ci/job.nix b/module/tests/gitlab-ci/job.nix index 05dcd68..79917d8 100644 --- a/module/tests/gitlab-ci/job.nix +++ b/module/tests/gitlab-ci/job.nix @@ -281,4 +281,55 @@ job.environment = "test"; }; }; + + test-gitlab-ci-job-per-backend-disable = { + expr = test-lib.eval-gitlab-ci { + pipeline.gitlab-ci.defaultStage = "test"; + jobs = { + job-a = { + commands = [ "echo job-a" ]; + }; + job-b = { + commands = [ "echo job-b" ]; + gitlab-ci.enable = false; + }; + job-c = { + commands = [ "echo job-c" ]; + needs = [ { job = "job-b"; } ]; + }; + }; + }; + expected = { + job-a = { + stage = "test"; + script = [ "echo job-a" ]; + }; + job-c = { + stage = "test"; + script = [ "echo job-c" ]; + }; + }; + }; + + test-gitlab-ci-job-global-disable-overrides-per-backend-enable = { + expr = test-lib.eval-gitlab-ci { + pipeline.gitlab-ci.defaultStage = "test"; + jobs = { + job-a = { + commands = [ "echo job-a" ]; + }; + job-b = { + commands = [ "echo job-b" ]; + enable = false; + gitlab-ci.enable = true; + }; + }; + }; + expected = { + job-a = { + stage = "test"; + script = [ "echo job-a" ]; + }; + }; + }; } From 3f0df12c7ac08a22b0d33356ba42ebd9f35b5ba2 Mon Sep 17 00:00:00 2001 From: Terje Larsen Date: Tue, 7 Apr 2026 15:50:53 +0200 Subject: [PATCH 3/3] docs: regenerate --- module/README.md | 63 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/module/README.md b/module/README.md index c916902..9360f0d 100644 --- a/module/README.md +++ b/module/README.md @@ -369,6 +369,27 @@ YAML value +## jobs\.\\.github-actions\.enable + + + +Whether the job is enabled for GitHub Actions\. + + + +*Type:* +boolean + + + +*Default:* +` true ` + +*Declared by:* + - [jobs/job/interface\.nix](jobs/job/interface.nix) + + + ## jobs\.\\.gitlab-ci @@ -390,6 +411,27 @@ YAML value +## jobs\.\\.gitlab-ci\.enable + + + +Whether the job is enabled for GitLab CI\. + + + +*Type:* +boolean + + + +*Default:* +` true ` + +*Declared by:* + - [jobs/job/interface\.nix](jobs/job/interface.nix) + + + ## jobs\.\\.image @@ -537,6 +579,27 @@ module +## jobs\.\\.process-compose\.enable + + + +Whether the job is enabled for process-compose\. + + + +*Type:* +boolean + + + +*Default:* +` true ` + +*Declared by:* + - [jobs/job/interface\.nix](jobs/job/interface.nix) + + + ## jobs\.\\.tags