name: "Update flakes" on: repository_dispatch: workflow_dispatch: schedule: - cron: "00 12 * * *" jobs: createPullRequest: runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' # ensure workflow_dispatch only runs on main steps: - uses: actions/checkout@v4 - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Install Nix uses: cachix/install-nix-action@v24 with: extra_nix_config: | experimental-features = nix-command flakes install_url: https://releases.nixos.org/nix/nix-2.19.0/install - uses: DeterminateSystems/magic-nix-cache-action@main - name: Calculate pre-drv run: nix ./utils/eval-to-drv.sh pre - name: Pull latest docker images run: nix ./utils/fetch-docker.sh - name: Update flake.lock (part 1) run: nix flake update - name: Calculate post-drv run: nix ./utils/eval-to-drv.sh post - name: Calculate diff run: nix ./utils/diff-evals.sh - name: Read diff into environment run: | delimiter="$(openssl rand -hex 8)" { echo "POSTDIFF<<${delimiter}" cat post-diff echo "${delimiter}" } >> $GITHUB_ENV - name: Restore flake.lock for next step run: git restore flake.lock - name: Update flake.lock id: update uses: DeterminateSystems/update-flake-lock@main with: token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} pr-body: | Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action. ``` {{ env.GIT_COMMIT_MESSAGE }} ``` ``` {{ env.POSTDIFF }} ``` pr-labels: | # Labels to be set on the PR dependencies automated permissions: pull-requests: write contents: write