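# Scheduled workflow that runs `nix flake update`, snapshots the evaluations
# before and after, and opens a pull request with the new flake.lock together
# with the update log and the evaluation diff.
#
# NOTE(review): several actions below are referenced by a mutable ref (`@main`,
# `@latest`, `@v0`, or a tag). This job holds a write-scoped token and the Attic
# cache token, so whoever can move those refs can run code with access to them.
# Pin each `uses:` to a full commit SHA and update the pins deliberately.
name: "Update flakes"
on:
  repository_dispatch:
  workflow_dispatch:
  schedule:
    - cron: "00 12 * * *"
jobs:
  update_lockfile:
    runs-on: ubuntu-latest
    #if: github.ref == 'refs/heads/main' # ensure workflow_dispatch only runs on main
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Install nix
        # NOTE(review): `@main` is a moving branch; pin to a commit SHA.
        uses: https://github.com/DeterminateSystems/nix-installer-action@main
      - name: Setup Attic cache
        # NOTE(review): `@v0` is a moving tag and this step receives the Attic
        # token; pin to a commit SHA.
        uses: ryanccn/attic-action@v0
        with:
          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
          cache: ${{ secrets.ATTIC_CACHE }}
          token: ${{ secrets.ATTIC_TOKEN }}
          skip-push: "true"
      - name: Get pre-snapshot of evaluations
        run: nix ./utils/eval-to-drv.sh pre
      - name: Update flake.lock
        id: update
        run: |
          # Keep only the "Updated input" stanzas of the update output for the
          # PR body; stderr is still echoed to the job log through tee.
          nix flake update 2> >(tee /dev/stderr) | awk '
          /^• Updated input/ {in_update = 1; print; next}
          in_update && !/^warning:/ {print}
          /^$/ {in_update = 0}
          ' > update.log

          # Export the log as a multi-line environment value. The delimiter is
          # random: with a fixed marker such as "EOF", a log line equal to the
          # marker would end the value early and the remaining lines would be
          # read as further environment assignments.
          delimiter="UPDATE_LOG_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
          {
            echo "UPDATE_LOG<<${delimiter}"
            cat update.log
            echo "${delimiter}"
          } >> "$GITHUB_ENV"

          rm update.log
      - name: Get post-snapshot of evaluations
        run: nix ./utils/eval-to-drv.sh post
      - name: Calculate diff
        run: nix ./utils/diff-evals.sh
      - name: Read file contents
        id: read_file
        # NOTE(review): `@latest` is a moving ref; pin to a commit SHA.
        uses: guibranco/github-file-reader-action-v2@latest
        with:
          path: "post-diff"
      - name: Write PR body template
        uses: https://github.com/DamianReeves/write-file-action@v1.3
        with:
          path: pr_body.template
          contents: |
            - The following Nix Flake inputs were updated:

            ```
            ${{ env.UPDATE_LOG }}
            ```

            ```
            ${{ steps.read_file.outputs.contents }}
            ```

            Auto-generated by [update.yml][1] with the help of
            [create-pull-request][2].

            [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml
            [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request
      - name: Generate PR body
        # NOTE(review): by this point the template already contains the update
        # log and the diff text, so that text is handed to the template engine
        # as well. Confirm that upstream-controlled text being treated as
        # template input is acceptable here.
        uses: pedrolamas/handlebars-action@v2.4.0 # v2.4.0
        with:
          files: "pr_body.template"
          output-filename: "pr_body.md"
      - name: Save PR body
        id: pr_body
        uses: juliangruber/read-file-action@v1
        with:
          path: "pr_body.md"
      - name: Remove temporary files
        # Runs before the PR step; presumably so these scratch files do not end
        # up in the generated commit (verify against the action's behaviour).
        run: |
          rm pr_body.template
          rm pr_body.md
          rm pre.json
          rm post.json
          rm post-diff
      - name: Create Pull Request
        id: create-pull-request
        # uses: https://forgejo.stefka.eu/jiriks74/create-pull-request@7174d368c2e4450dea17b297819eb28ae93ee645
        # NOTE(review): this step receives GH_TOKEN_FOR_UPDATES but follows a
        # moving `@main` branch, unlike the SHA-pinned reference kept above.
        # Pin this fork to a commit SHA as well.
        uses: https://nayeonie.com/ahuston-0/create-pull-request@main
        with:
          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
          body: ${{ steps.pr_body.outputs.content }}
          # NOTE(review): the value ends after the display name; author fields
          # are normally `Name <email>`. Confirm the address was not lost.
          author: '"github-actions[bot]" '
          title: 'automated: Update `flake.lock`'
          commit-message: |
            automated: Update `flake.lock`

            ${{ steps.pr_body.outputs.content }}
          branch: update-flake-lock
          delete-branch: true
          pr-labels: | # Labels to be set on the PR
            dependencies
            automated
      - name: Push to Attic
        run: nix ./utils/attic-push.bash
        continue-on-error: true
      - name: Print PR number
        # Step outputs are passed through the environment instead of being
        # expanded into the script text, so their content is never parsed as
        # shell. The URL is read from the `create-pull-request` step; no step
        # in this job has the id `cpr`.
        env:
          PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
          PR_URL: ${{ steps.create-pull-request.outputs.pull-request-url }}
        run: |
          echo "Pull request number is ${PR_NUMBER}."
          echo "Pull Request URL - ${PR_URL}"
# Write scopes requested for the workflow token: the job pushes a branch and
# opens a pull request.
permissions:
  pull-requests: write
  contents: write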