From 0ea9d4bff0abaecf8144e23b1116d527236c8145 Mon Sep 17 00:00:00 2001
From: JacobPEvans <20714140+JacobPEvans@users.noreply.github.com>
Date: Thu, 14 May 2026 14:49:25 -0400
Subject: [PATCH] feat(ci): pass all_systems through _ci-gate.yml to
 _nix-validate.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR #300 added the `all_systems` input to `_nix-validate.yml` (default true)
so platform-specific consumer repos could opt out of `--all-systems`. But
`_ci-gate.yml` — which most consumer repos actually call — silently ignored
that input, leaving consumers no way to opt out without forking the gate.

Add `all_systems: { type: boolean, default: true }` to `_ci-gate.yml` and
forward it to the `nix-validate` reusable job. Default remains true to keep
catching darwin-only `meta.broken` packages from the linux runner. The real
root-cause fix lives in consumer flakes (use `runCommandLocal`, scope
source-only checks to the CI system) — this passthrough is the defensive
safety valve for any case where flake-level fixes are not yet possible.

Assisted-by: Claude <noreply@anthropic.com>
---
 .github/workflows/_ci-gate.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/workflows/_ci-gate.yml b/.github/workflows/_ci-gate.yml
index cd3123c..f5b24b4 100644
--- a/.github/workflows/_ci-gate.yml
+++ b/.github/workflows/_ci-gate.yml
@@ -46,6 +46,16 @@ on:
         description: Enable `Nix Validate` (gated on `nix` filter)
         type: boolean
         default: false
+      all_systems:
+        description: >-
+          Pass --all-systems to `nix flake check`. Default true catches
+          darwin-only `meta.broken` packages from a linux runner. Set false
+          only when consumer flakes declare platform-specific check
+          derivations that cannot be made platform-aware (rare — prefer
+          fixing the flake to use `runCommandLocal` or to scope source-only
+          checks to the CI system).
+        type: boolean
+        default: true
       markdown_lint:
         description: Enable `Markdown Lint` (gated on `markdown` filter)
         type: boolean
@@ -103,6 +113,8 @@ jobs:
     needs: changes
     if: ${{ inputs.nix_validate && needs.changes.outputs.nix == 'true' }}
     uses: JacobPEvans/.github/.github/workflows/_nix-validate.yml@main
+    with:
+      all_systems: ${{ inputs.all_systems }}
 
   markdown-lint:
     name: Markdown Lint