ci: enhance guix-build workflow to run on label and tags by default

[PastaPastaPasta]

Issue being fixed or feature implemented

See commits; not explicitly tested, but workflow is currently disabled.

What was done?

How Has This Been Tested?

Breaking Changes

None

Checklist:

Go over all the following points, and put an x in all the boxes that apply.

• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have added or updated relevant unit/integration/functional/e2e tests
• I have made corresponding changes to the documentation
• I have assigned this pull request to a milestone (for repository code-owners and collaborators only)

[github-actions]

✅ No Merge Conflicts Detected

This PR currently has no conflicts with other open PRs.

[coderabbitai]

Walkthrough

The workflow file .github/workflows/guix-build.yml was updated to trigger on PR label events by adding pull_request types: [labeled] under on.pull_request_target. The build-image and build jobs now run when pushing tags, when RUN_GUIX_ON_ALL_PUSH is true, or when the PR has the guix-build label. Two checkout steps were changed to use github.event.pull_request.head.sha || github.sha to provide a valid ref in both PR and push contexts. A commented-out if was removed and downstream job behavior remains unchanged.

Sequence Diagram(s)

sequenceDiagram
    autonumber
    participant GitHub as GitHub event
    participant Workflow as guix-build.yml
    participant Runner as Actions runner
    participant Checkout as actions/checkout
    Note over GitHub,Workflow `#f0f4ff`: Events: push (tags) OR env RUN_GUIX_ON_ALL_PUSH == true OR pull_request_target (labeled)
    GitHub->>Workflow: emit event
    alt Tag push OR RUN_GUIX_ON_ALL_PUSH == true
        Workflow->>Runner: start build-image job
        Runner->>Checkout: checkout ref github.sha
        Runner->>Workflow: run build-image steps
        Workflow->>Runner: start build job
        Runner->>Checkout: checkout ref github.sha
        Runner->>Workflow: run build steps
    else pull_request_target with label "guix-build"
        Workflow->>Runner: start build-image job
        Runner->>Checkout: checkout ref github.event.pull_request.head.sha || github.sha
        Runner->>Workflow: run build-image steps
        Workflow->>Runner: start build job
        Runner->>Checkout: checkout ref github.event.pull_request.head.sha || github.sha
        Runner->>Workflow: run build steps
    end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• Verify on.pull_request_target includes types: [labeled].
• Confirm the conditional (tag push OR RUN_GUIX_ON_ALL_PUSH OR PR label) is applied consistently to build-image and build.
• Check both checkout steps use github.event.pull_request.head.sha || github.sha and YAML syntax/indentation.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title directly describes the main changes: enhancing the guix-build workflow to run on label and tags by default, which aligns with the changeset modifications.
Description check	✅ Passed	The description references the commits and acknowledges the workflow is currently disabled, which relates to the CI workflow changes in the changeset.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 6698829 and 0ffa05a.

📒 Files selected for processing (1)

• .github/workflows/guix-build.yml (2 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

{guix-build*,releases,**/guix-build*,releases/**,.github/**,depends/**,ci/**,contrib/**,doc/**}

📄 CodeRabbit inference engine (CLAUDE.md)

Do not make changes to build system files (guix-build*), release artifacts, or avoid changes to .github, depends, ci, contrib, and doc directories unless specifically prompted

Files:

• .github/workflows/guix-build.yml

🧠 Learnings (8)

📓 Common learnings

Learnt from: CR
Repo: dashpay/dash PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T16:41:22.457Z
Learning: Applies to {guix-build*,releases,**/guix-build*,releases/**,.github/**,depends/**,ci/**,contrib/**,doc/**} : Do not make changes to build system files (guix-build*), release artifacts, or avoid changes to .github, depends, ci, contrib, and doc directories unless specifically prompted

📚 Learning: 2025-11-24T16:41:22.457Z

Learnt from: CR
Repo: dashpay/dash PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T16:41:22.457Z
Learning: Applies to {guix-build*,releases,**/guix-build*,releases/**,.github/**,depends/**,ci/**,contrib/**,doc/**} : Do not make changes to build system files (guix-build*), release artifacts, or avoid changes to .github, depends, ci, contrib, and doc directories unless specifically prompted

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-02-06T14:34:30.466Z

Learnt from: kwvg
Repo: dashpay/dash PR: 6543
File: src/wallet/receive.cpp:240-251
Timestamp: 2025-02-06T14:34:30.466Z
Learning: Pull request #6543 is focused on move-only changes and refactoring, specifically backporting from Bitcoin. Behavior changes should be proposed in separate PRs.

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-10-05T20:38:28.457Z

Learnt from: knst
Repo: dashpay/dash PR: 6871
File: contrib/guix/libexec/build.sh:358-360
Timestamp: 2025-10-05T20:38:28.457Z
Learning: In the Dash repository, when backporting code from Bitcoin Core, typos and minor issues in comments should be kept as-is to reduce merge conflicts in future backports, even if they remain unfixed in Bitcoin Core's master branch.

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-11-24T16:41:22.457Z

Learnt from: CR
Repo: dashpay/dash PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-24T16:41:22.457Z
Learning: Applies to src/{masternode,evo,llmq,governance,coinjoin}/**/*.{cpp,h} : Use Dash-specific database implementations: CFlatDB for persistent storage (MasternodeMetaStore, GovernanceStore, SporkStore, NetFulfilledRequestStore) and CDBWrapper extensions for Evolution/DKG/InstantSend/Quorum/RecoveredSigs data

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-02-19T00:03:39.002Z

Learnt from: PastaPastaPasta
Repo: dashpay/dash PR: 6588
File: .github/workflows/release_docker_hub.yml:79-81
Timestamp: 2025-02-19T00:03:39.002Z
Learning: GitHub Actions supports ARM64 runners with the labels `ubuntu-latest-arm64` and `linux-arm64` for public repositories, introduced in January 2025. These runners are specifically designed for ARM64 architecture builds.

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-02-19T00:03:39.001Z

Learnt from: PastaPastaPasta
Repo: dashpay/dash PR: 6588
File: .github/workflows/release_docker_hub.yml:79-81
Timestamp: 2025-02-19T00:03:39.001Z
Learning: GitHub Actions supports ARM64 runners with the label `ubuntu-22.04-arm` for public repositories, introduced in January 2025. This runner is specifically designed for ARM64 architecture builds.

Applied to files:

• .github/workflows/guix-build.yml

📚 Learning: 2025-02-13T07:36:17.572Z

Learnt from: UdjinM6
Repo: dashpay/dash PR: 0
File: :0-0
Timestamp: 2025-02-13T07:36:17.572Z
Learning: In GitHub Actions checkout action, fetch-depth: 0 fetches all commit history for all branches and tags, while a positive number like fetch-depth: 50 fetches only that many recent commits, which is useful for CI optimization.

Applied to files:

• .github/workflows/guix-build.yml

🔇 Additional comments (4)

.github/workflows/guix-build.yml (4)

10-11: Workflow trigger configuration looks correct.

The addition of pull_request with types: [labeled] is the appropriate way to trigger on PR label events, complementing the existing pull_request_target for fork PRs and push for tags/direct pushes.

---

17-19: If condition logic is sound across event types.

The condition correctly:

• Runs on push events to tags or when RUN_GUIX_ON_ALL_PUSH is enabled
• Runs on PRs (fork or same-repo) that have the guix-build label
• Avoids running unnecessarily on push events without tags or PRs without the label

The fallback handling of github.event.pull_request (which is null/undefined during push events) is handled safely by the contains() expression returning false in those contexts.

---

27-27: Checkout ref simplification is an improvement.

The use of ${{ github.event.pull_request.head.sha || github.sha }} correctly provides a valid ref for both PR and push contexts, with cleaner logic than earlier explicit empty-string checks.

Also applies to: 86-86

---

69-72: Build job dependency handling is correct.

The build job correctly omits an if condition and relies on needs: build-image to handle orchestration, as noted in prior feedback. This ensures the build job only runs when build-image succeeds.

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, multi-section layouts, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example instruction:

"Divide the high-level summary into five sections:

1. 📝 Description — Summarize the main change in 50–60 words, explaining what was done.
2. 📓 References — List relevant issues, discussions, documentation, or related PRs.
3. 📦 Dependencies & Requirements — Mention any new/updated dependencies, environment variable changes, or configuration updates.
4. 📊 Contributor Summary — Include a Markdown table showing contributions:
   | Contributor | Lines Added | Lines Removed | Files Changed |
5. ✔️ Additional Notes — Add any extra reviewer context.
   Keep each section concise (under 200 words) and use bullet or numbered lists for clarity."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[UdjinM6]

utACK 0ffa05a