Skip to content

flake-update

flake-update #390

Workflow file for this run

name: flake-update
on:
workflow_dispatch:
schedule:
# Every Saturday @ 12:00 PM UTC
- cron: "0 12 * * 6"
jobs:
# Update flake inputs
update_flake:
runs-on: ubuntu-latest
outputs:
branch: ${{ steps.find-branch.outputs.branch }}
pr-number: ${{ steps.find-branch.outputs.pr-number }}
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install Nix
uses: cachix/install-nix-action@v18
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
- name: Configure Git
run: |
git config user.email [email protected]
git config user.name "Autumn Wind"
- name: Find branch to create update on
id: find-branch
run: |
request="$(gh pr list --json headRefName --json number -q '.[] | "\(.headRefName) \(.number)"')"
filtered="$(echo "$request" | grep -E "update-[0-9]{4}-[0-9]{2}-[0-9]{2}" | head -1)"
if [ "$filtered" != "" ]; then
read -r branch number <<<"$filtered"
gh pr checkout "$number"
else
number=""
branch="update-$(date -I)"
git checkout -b "$branch"
fi
echo "branch=$branch" >> $GITHUB_OUTPUT
echo "pr-number=$number" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
run: nix flake update
- name: Store flake.lock
uses: actions/upload-artifact@v3
with:
name: flake_lock
path: flake.lock
# Find and update all nvfetcher inputs
update_nvfetcher:
runs-on: ubuntu-latest
needs: [update_flake]
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Install Nix
uses: cachix/install-nix-action@v18
with:
nix_path: nixpkgs=channel:nixos-unstable
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
- name: Configure Git
run: |
git config user.email [email protected]
git config user.name "Autumn Wind"
- name: Find branch to create update on
run: |
number=${{needs.update_flake.outputs.pr-number}}
branch=${{needs.update_flake.outputs.branch}}
if [ "$number" != "" ]; then
gh pr checkout "$number"
else
git checkout -b "$branch"
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Restore flake.lock
uses: actions/download-artifact@v3
with:
name: flake_lock
- name: Update all nvfetcher sources
run: |
cat > /tmp/keyfile.toml << EOF
[keys]
github = "$GITHUB_TOKEN"
EOF
nix run ".#update-nvfetcher-sources" -- -k /tmp/keyfile.toml
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Generate patch
run: |
git restore flake.lock
git add .
git stash --include-untracked
git stash show -p stash@\{0\} > nvfetcher-updates.patch
- name: Store nvfetcher patch
uses: actions/upload-artifact@v3
with:
name: nvfetcher_updates_patch
path: nvfetcher-updates.patch
# Make a PR with the flake and nvfetcher updates
push_updates:
runs-on: ubuntu-latest
needs: [update_nvfetcher, update_flake]
steps:
- name: Checkout repository
uses: actions/checkout@v3
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: Configure Git
run: |
git config user.email [email protected]
git config user.name "Autumn Wind"
- name: Find branch to create update on
run: |
number=${{needs.update_flake.outputs.pr-number}}
branch=${{needs.update_flake.outputs.branch}}
if [ "$number" != "" ]; then
gh pr checkout "$number"
else
git checkout -b "$branch"
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Restore flake.lock
uses: actions/download-artifact@v3
with:
name: flake_lock
- name: Restore nvfetcher patches
uses: actions/download-artifact@v3
with:
name: nvfetcher_updates_patch
- name: Commit all updates and make a PR if needed
run: |
number=${{needs.update_flake.outputs.pr-number}}
branch=${{needs.update_flake.outputs.branch}}
git add flake.lock
git commit -m "chore: update flake inputs"
git apply nvfetcher-updates.patch --allow-empty
rm nvfetcher-updates.patch
git commit -am "chore: update nvfetcher sources" || true
git push -u origin "$branch"
if [ "$number" == "" ]; then
gh pr create \
--assignee water-sucks \
--base main \
--body "Automatic updates to flake inputs and nvfetcher sources on $(date -I)" \
--fill \
--label bot \
--title "Automatic updates on $(date -I)"
fi
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}