abc409c16f
- Rename workflow to simply "update" - Drop the DeterminateSystems/update-flake-lock action - Instead use `nix flake update --commit-lock-file` - Also use `generate-files`'s `--commit` option - Use peter-evans/create-pull-request to open a PR
120 lines
3.9 KiB
YAML
120 lines
3.9 KiB
YAML
name: update
|
|
on:
|
|
workflow_dispatch: # allows manual triggering
|
|
inputs:
|
|
branch:
|
|
description: "Branch to update"
|
|
type: choice
|
|
options:
|
|
- "stable & unstable"
|
|
- "main"
|
|
- "nixos-24.05"
|
|
schedule:
|
|
- cron: "0 12 * * SAT" # runs weekly on Saturday at noon
|
|
|
|
jobs:
|
|
lockfile:
|
|
strategy:
|
|
matrix:
|
|
# This allows to update both stable & unstable branches, but not both when triggered
|
|
# manually
|
|
branch: ["main", "nixos-24.05"]
|
|
selectedBranch: ["${{ inputs.branch }}"]
|
|
exclude:
|
|
- selectedBranch: main
|
|
branch: "nixos-24.05"
|
|
- selectedBranch: "nixos-24.05"
|
|
branch: main
|
|
|
|
name: Update the flake inputs and generate options
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 40
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ssh-key: ${{ secrets.CI_UPDATE_SSH_KEY }}
|
|
ref: ${{ matrix.branch }}
|
|
|
|
- name: Install Nix
|
|
uses: cachix/install-nix-action@v26
|
|
with:
|
|
nix_path: nixpkgs=channel:nixos-unstable
|
|
github_access_token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Configure git
|
|
run: |
|
|
git config user.name 'github-actions[bot]'
|
|
git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
|
|
|
|
- name: Update flake.lock
|
|
id: flake_lock
|
|
run: |
|
|
old=$(git show --no-patch --format=%h)
|
|
nix flake update --commit-lock-file
|
|
new=$(git show --no-patch --format=%h)
|
|
if [ "$old" != "$new" ]; then
|
|
echo "body<<EOF" >> "$GITHUB_OUTPUT"
|
|
git show --no-patch --format=%b >> "$GITHUB_OUTPUT"
|
|
echo "EOF" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Update autogenerated files
|
|
id: generate
|
|
run: |
|
|
old=$(git show --no-patch --format=%h)
|
|
nix run .#generate-files -- --commit
|
|
new=$(git show --no-patch --format=%h)
|
|
if [ "$old" != "$new" ]; then
|
|
summary=$(git show --no-patch --format=%s)
|
|
echo "summary=$summary" >> "$GITHUB_OUTPUT"
|
|
echo "body<<EOF" >> "$GITHUB_OUTPUT"
|
|
git show --no-patch --format=%b >> "$GITHUB_OUTPUT"
|
|
echo "EOF" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Create Pull Request
|
|
id: pr
|
|
uses: peter-evans/create-pull-request@v6
|
|
with:
|
|
branch: update/${{ matrix.branch }}
|
|
base: ${{ matrix.branch }}
|
|
delete-branch: true
|
|
team-reviewers: |
|
|
nix-community/nixvim
|
|
title: |
|
|
[${{ matrix.branch }}] Update flake.lock & generated files
|
|
body: |
|
|
## Flake lockfile
|
|
```
|
|
${{ steps.flake_lock.outputs.body || 'No changes' }}
|
|
```
|
|
|
|
## Generate
|
|
${{ steps.generate.outputs.body || steps.generate.outputs.summary || 'No changes' }}
|
|
|
|
- name: Print summary
|
|
if: ${{ steps.pr.outputs.pull-request-number }}
|
|
run: |
|
|
num="${{ steps.pr.outputs.pull-request-number }}"
|
|
pr_url="${{ steps.pr.outputs.pull-request-url }}"
|
|
pr_branch="${{ steps.pr.outputs.pull-request-branch }}"
|
|
head="${{ steps.pr.outputs.pull-request-head-sha }}"
|
|
operation="${{ steps.pr.outputs.pull-request-operation }}"
|
|
|
|
# stdout
|
|
echo "${head:0:6} pushed to ${pr_branch}"
|
|
echo "${pr} was ${operation}."
|
|
|
|
# markdown summary
|
|
echo "## ${{ matrix.branch }}" >> $GITHUB_STEP_SUMMARY
|
|
echo >> $GITHUB_STEP_SUMMARY
|
|
echo "\`${head:0:6}\` pushed to \`${pr_branch}\`" >> $GITHUB_STEP_SUMMARY
|
|
echo >> $GITHUB_STEP_SUMMARY
|
|
echo "[#${num}](${pr_url}) was ${operation}." >> $GITHUB_STEP_SUMMARY
|
|
echo >> $GITHUB_STEP_SUMMARY
|