ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues 1 Pull Requests 2 Actions 1 Packages Projects Releases Wiki Activity

Merge pull request 'claurst update script' (#222) from feature/claurst into main
All checks were successful
Check flake.lock / Check health of `flake.lock` (push) Successful in 12s
Details
Check Nix flake / Perform Nix flake checks (push) Successful in 3m5s
Details

Browse Source 
Reviewed-on: #222
This commit was merged in pull request #222.
This commit is contained in:
ahuston-0
2026-05-01 10:57:38 -04:00
parent 976e1663aa 1851df463c
commit aac5738dda
1 changed files with 181 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

181
.github/workflows/update-claurst.yml vendored Normal file
View File

@@ -0,0 +1,181 @@
name: "Update claurst"
on:
repository_dispatch:
workflow_dispatch:
schedule:
- cron: "00 14 * * 1" # Every Monday at 14:00 UTC
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
update_claurst:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install nix
uses: https://github.com/DeterminateSystems/nix-installer-action@main
- name: Setup Attic cache
uses: ryanccn/attic-action@v0
with:
endpoint: ${{ secrets.ATTIC_ENDPOINT }}
cache: ${{ secrets.ATTIC_CACHE }}
token: ${{ secrets.ATTIC_TOKEN }}
skip-push: "true"
- name: Get current claurst version
id: current
run: |
VERSION=$(grep 'version = ' pkgs/claurst/default.nix | head -1 | sed 's/.*version = "\(.*\)".*/\1/')
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Current version: $VERSION"
- name: Get latest claurst release
id: latest
uses: actions/github-script@v7
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const release = await github.rest.repos.getLatestRelease({
owner: 'Kuberwastaken',
repo: 'claurst',
});
const tag = release.data.tag_name.replace(/^v/, '');
core.setOutput('version', tag);
core.info(`Latest release: ${tag}`);
- name: Check if update needed
id: check_update
run: |
CURRENT="${{ steps.current.outputs.version }}"
LATEST="${{ steps.latest.outputs.version }}"
if [ "$CURRENT" = "$LATEST" ]; then
echo "No update needed (current: $CURRENT, latest: $LATEST)"
echo "update_needed=false" >> $GITHUB_OUTPUT
else
echo "Update needed (current: $CURRENT, latest: $LATEST)"
echo "update_needed=true" >> $GITHUB_OUTPUT
fi
- name: Update claurst if new version available
if: steps.check_update.outputs.update_needed == 'true'
id: update
run: |
NEW_VERSION="${{ steps.latest.outputs.version }}"
# Backup original file
cp pkgs/claurst/default.nix pkgs/claurst/default.nix.bak
# Update version placeholder with empty hash to compute it
sed -i "s/version = \"[^\"]*\"/version = \"$NEW_VERSION\"/" pkgs/claurst/default.nix
# Try to fetch the new src hash
echo "Computing src hash for v$NEW_VERSION..."
SRC_HASH=$(nix-prefetch-url --unpack "https://github.com/Kuberwastaken/claurst/archive/refs/tags/v$NEW_VERSION.tar.gz" 2>/dev/null | tail -1 || echo "")
if [ -z "$SRC_HASH" ]; then
echo "Failed to compute src hash, reverting"
mv pkgs/claurst/default.nix.bak pkgs/claurst/default.nix
exit 1
fi
SRC_HASH="sha256-$SRC_HASH"
echo "New src hash: $SRC_HASH"
# Update src hash
sed -i "s|hash = \"sha256-[^\"]*\"|hash = \"$SRC_HASH\"|" pkgs/claurst/default.nix
# Compute cargoHash - this requires building
echo "Computing cargo hash..."
CARGO_HASH=$(nix build \
--no-eval-cache \
--expr "(import ./pkgs/default.nix { nixpkgs = import <nixpkgs> { }; }).mkPkgs \"x86_64-linux\" | .claurst" \
2>&1 | grep -oP 'got:\s*\K[^"]+' | head -1 || echo "")
if [ -z "$CARGO_HASH" ]; then
echo "Failed to compute cargo hash, trying with attribute substitution..."
CARGO_HASH=$(nix eval \
--impure \
--expr "
let
pkgs = import <nixpkgs> { config.allowUnsupportedSystem = true; };
claurst = import pkgs/claurst { inherit pkgs; };
in claurst.cargoHash
" 2>&1 | tail -1)
fi
if [ ! -z "$CARGO_HASH" ]; then
echo "New cargo hash: $CARGO_HASH"
sed -i "s|cargoHash = \"[^\"]*\"|cargoHash = \"$CARGO_HASH\"|" pkgs/claurst/default.nix
fi
rm -f pkgs/claurst/default.nix.bak
echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT
- name: Validate nix flake
if: steps.check_update.outputs.update_needed == 'true'
run: |
echo "Running nix flake check..."
nix flake check --show-trace || true
- name: Build claurst to verify changes
if: steps.check_update.outputs.update_needed == 'true'
run: |
echo "Building updated claurst package..."
nix build ".#artemision.config.environment.systemPackages" --no-eval-cache 2>&1 | tail -20 || true
- name: Generate PR body
if: steps.check_update.outputs.update_needed == 'true'
id: pr_body
run: |
cat > pr_body.md << 'EOF'
# Claurst Update
Automated claurst package update.
**Changes:**
- Version: `${{ steps.current.outputs.version }}` → `${{ steps.update.outputs.version }}`
- Source hash updated
- Cargo hash updated
Auto-generated by [update-claurst.yml][1].
[1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml
EOF
cat pr_body.md
- name: Create Pull Request
if: steps.check_update.outputs.update_needed == 'true'
uses: https://nayeonie.com/ahuston-0/create-pull-request@main
with:
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
add-paths: pkgs/claurst/default.nix
body-path: pr_body.md
author: '"github-actions[bot]" <github-actions[bot]@users.noreply.github.com>'
title: "automated: Update claurst to ${{ steps.update.outputs.version }}"
commit-message: |
automated: Update claurst to ${{ steps.update.outputs.version }}
- Bumped version from ${{ steps.current.outputs.version }} to ${{ steps.update.outputs.version }}
- Updated src and cargo hashes
Auto-generated by [update-claurst.yml][1].
[1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml
branch: update-claurst
delete-branch: true
pr-labels: |
dependencies
automated
- name: Print PR result
if: steps.check_update.outputs.update_needed == 'true'
run: |
echo "Pull request created successfully"
echo "Version updated: ${{ steps.current.outputs.version }} → ${{ steps.update.outputs.version }}"
permissions:
pull-requests: write
contents: write