From 1851df463ca40f4c64aa8e45f79b5cd124016da9 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Fri, 1 May 2026 10:53:46 -0400
Subject: [PATCH] claurst update script

---
 .github/workflows/update-claurst.yml | 181 +++++++++++++++++++++++++++
 1 file changed, 181 insertions(+)
 create mode 100644 .github/workflows/update-claurst.yml

diff --git a/.github/workflows/update-claurst.yml b/.github/workflows/update-claurst.yml
new file mode 100644
index 0000000..787ab89
--- /dev/null
+++ b/.github/workflows/update-claurst.yml
@@ -0,0 +1,181 @@
+name: "Update claurst"
+on:
+  repository_dispatch:
+  workflow_dispatch:
+  schedule:
+    - cron: "00 14 * * 1" # Every Monday at 14:00 UTC
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+jobs:
+  update_claurst:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install nix
+        uses: https://github.com/DeterminateSystems/nix-installer-action@main
+
+      - name: Setup Attic cache
+        uses: ryanccn/attic-action@v0
+        with:
+          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
+          cache: ${{ secrets.ATTIC_CACHE }}
+          token: ${{ secrets.ATTIC_TOKEN }}
+          skip-push: "true"
+
+      - name: Get current claurst version
+        id: current
+        run: |
+          VERSION=$(grep 'version = ' pkgs/claurst/default.nix | head -1 | sed 's/.*version = "\(.*\)".*/\1/')
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+          echo "Current version: $VERSION"
+
+      - name: Get latest claurst release
+        id: latest
+        uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const release = await github.rest.repos.getLatestRelease({
+              owner: 'Kuberwastaken',
+              repo: 'claurst',
+            });
+            const tag = release.data.tag_name.replace(/^v/, '');
+            core.setOutput('version', tag);
+            core.info(`Latest release: ${tag}`);
+
+      - name: Check if update needed
+        id: check_update
+        run: |
+          CURRENT="${{ steps.current.outputs.version }}"
+          LATEST="${{ steps.latest.outputs.version }}"
+          if [ "$CURRENT" = "$LATEST" ]; then
+            echo "No update needed (current: $CURRENT, latest: $LATEST)"
+            echo "update_needed=false" >> $GITHUB_OUTPUT
+          else
+            echo "Update needed (current: $CURRENT, latest: $LATEST)"
+            echo "update_needed=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Update claurst if new version available
+        if: steps.check_update.outputs.update_needed == 'true'
+        id: update
+        run: |
+          NEW_VERSION="${{ steps.latest.outputs.version }}"
+          
+          # Backup original file
+          cp pkgs/claurst/default.nix pkgs/claurst/default.nix.bak
+          
+          # Update version placeholder with empty hash to compute it
+          sed -i "s/version = \"[^\"]*\"/version = \"$NEW_VERSION\"/" pkgs/claurst/default.nix
+          
+          # Try to fetch the new src hash
+          echo "Computing src hash for v$NEW_VERSION..."
+          SRC_HASH=$(nix-prefetch-url --unpack "https://github.com/Kuberwastaken/claurst/archive/refs/tags/v$NEW_VERSION.tar.gz" 2>/dev/null | tail -1 || echo "")
+          
+          if [ -z "$SRC_HASH" ]; then
+            echo "Failed to compute src hash, reverting"
+            mv pkgs/claurst/default.nix.bak pkgs/claurst/default.nix
+            exit 1
+          fi
+          
+          SRC_HASH="sha256-$SRC_HASH"
+          echo "New src hash: $SRC_HASH"
+          
+          # Update src hash
+          sed -i "s|hash = \"sha256-[^\"]*\"|hash = \"$SRC_HASH\"|" pkgs/claurst/default.nix
+          
+          # Compute cargoHash - this requires building
+          echo "Computing cargo hash..."
+          CARGO_HASH=$(nix build \
+            --no-eval-cache \
+            --expr "(import ./pkgs/default.nix { nixpkgs = import <nixpkgs> { }; }).mkPkgs \"x86_64-linux\" | .claurst" \
+            2>&1 | grep -oP 'got:\s*\K[^"]+' | head -1 || echo "")
+          
+          if [ -z "$CARGO_HASH" ]; then
+            echo "Failed to compute cargo hash, trying with attribute substitution..."
+            CARGO_HASH=$(nix eval \
+              --impure \
+              --expr "
+                let
+                  pkgs = import <nixpkgs> { config.allowUnsupportedSystem = true; };
+                  claurst = import pkgs/claurst { inherit pkgs; };
+                in claurst.cargoHash
+              " 2>&1 | tail -1)
+          fi
+          
+          if [ ! -z "$CARGO_HASH" ]; then
+            echo "New cargo hash: $CARGO_HASH"
+            sed -i "s|cargoHash = \"[^\"]*\"|cargoHash = \"$CARGO_HASH\"|" pkgs/claurst/default.nix
+          fi
+          
+          rm -f pkgs/claurst/default.nix.bak
+          echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
+
+      - name: Validate nix flake
+        if: steps.check_update.outputs.update_needed == 'true'
+        run: |
+          echo "Running nix flake check..."
+          nix flake check --show-trace || true
+
+      - name: Build claurst to verify changes
+        if: steps.check_update.outputs.update_needed == 'true'
+        run: |
+          echo "Building updated claurst package..."
+          nix build ".#artemision.config.environment.systemPackages" --no-eval-cache 2>&1 | tail -20 || true
+
+      - name: Generate PR body
+        if: steps.check_update.outputs.update_needed == 'true'
+        id: pr_body
+        run: |
+          cat > pr_body.md << 'EOF'
+          # Claurst Update
+          
+          Automated claurst package update.
+          
+          **Changes:**
+          - Version: `${{ steps.current.outputs.version }}` → `${{ steps.update.outputs.version }}`
+          - Source hash updated
+          - Cargo hash updated
+          
+          Auto-generated by [update-claurst.yml][1].
+          
+          [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml
+          EOF
+          cat pr_body.md
+
+      - name: Create Pull Request
+        if: steps.check_update.outputs.update_needed == 'true'
+        uses: https://nayeonie.com/ahuston-0/create-pull-request@main
+        with:
+          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
+          add-paths: pkgs/claurst/default.nix
+          body-path: pr_body.md
+          author: '"github-actions[bot]" <github-actions[bot]@users.noreply.github.com>'
+          title: "automated: Update claurst to ${{ steps.update.outputs.version }}"
+          commit-message: |
+            automated: Update claurst to ${{ steps.update.outputs.version }}
+
+            - Bumped version from ${{ steps.current.outputs.version }} to ${{ steps.update.outputs.version }}
+            - Updated src and cargo hashes
+
+            Auto-generated by [update-claurst.yml][1].
+
+            [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml
+          branch: update-claurst
+          delete-branch: true
+          pr-labels: |
+            dependencies
+            automated
+
+      - name: Print PR result
+        if: steps.check_update.outputs.update_needed == 'true'
+        run: |
+          echo "Pull request created successfully"
+          echo "Version updated: ${{ steps.current.outputs.version }} → ${{ steps.update.outputs.version }}"
+
+permissions:
+  pull-requests: write
+  contents: write