name: "Update claurst" on: repository_dispatch: workflow_dispatch: schedule: - cron: "00 14 * * 1" # Every Monday at 14:00 UTC concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true jobs: update_claurst: runs-on: ubuntu-latest steps: - name: Checkout repository uses: actions/checkout@v4 - name: Install nix uses: https://github.com/DeterminateSystems/nix-installer-action@main - name: Setup Attic cache uses: ryanccn/attic-action@v0 with: endpoint: ${{ secrets.ATTIC_ENDPOINT }} cache: ${{ secrets.ATTIC_CACHE }} token: ${{ secrets.ATTIC_TOKEN }} skip-push: "true" - name: Get current claurst version id: current run: | VERSION=$(grep 'version = ' pkgs/claurst/default.nix | head -1 | sed 's/.*version = "$.*$".*/\1/') echo "version=$VERSION" >> $GITHUB_OUTPUT echo "Current version: $VERSION" - name: Get latest claurst release id: latest uses: actions/github-script@v7 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | const release = await github.rest.repos.getLatestRelease({ owner: 'Kuberwastaken', repo: 'claurst', }); const tag = release.data.tag_name.replace(/^v/, ''); core.setOutput('version', tag); core.info(`Latest release: ${tag}`); - name: Check if update needed id: check_update run: | CURRENT="${{ steps.current.outputs.version }}" LATEST="${{ steps.latest.outputs.version }}" if [ "$CURRENT" = "$LATEST" ]; then echo "No update needed (current: $CURRENT, latest: $LATEST)" echo "update_needed=false" >> $GITHUB_OUTPUT else echo "Update needed (current: $CURRENT, latest: $LATEST)" echo "update_needed=true" >> $GITHUB_OUTPUT fi - name: Update claurst if new version available if: steps.check_update.outputs.update_needed == 'true' id: update run: | NEW_VERSION="${{ steps.latest.outputs.version }}" # Backup original file cp pkgs/claurst/default.nix pkgs/claurst/default.nix.bak # Update version placeholder with empty hash to compute it sed -i "s/version = \"[^\"]*\"/version = \"$NEW_VERSION\"/" pkgs/claurst/default.nix # Try to fetch the new src hash echo "Computing src hash for v$NEW_VERSION..." SRC_HASH=$(nix-prefetch-url --unpack "https://github.com/Kuberwastaken/claurst/archive/refs/tags/v$NEW_VERSION.tar.gz" 2>/dev/null | tail -1 || echo "") if [ -z "$SRC_HASH" ]; then echo "Failed to compute src hash, reverting" mv pkgs/claurst/default.nix.bak pkgs/claurst/default.nix exit 1 fi SRC_HASH="sha256-$SRC_HASH" echo "New src hash: $SRC_HASH" # Update src hash sed -i "s|hash = \"sha256-[^\"]*\"|hash = \"$SRC_HASH\"|" pkgs/claurst/default.nix # Compute cargoHash - this requires building echo "Computing cargo hash..." CARGO_HASH=$(nix build \ --no-eval-cache \ --expr "(import ./pkgs/default.nix { nixpkgs = import { }; }).mkPkgs \"x86_64-linux\" | .claurst" \ 2>&1 | grep -oP 'got:\s*\K[^"]+' | head -1 || echo "") if [ -z "$CARGO_HASH" ]; then echo "Failed to compute cargo hash, trying with attribute substitution..." CARGO_HASH=$(nix eval \ --impure \ --expr " let pkgs = import { config.allowUnsupportedSystem = true; }; claurst = import pkgs/claurst { inherit pkgs; }; in claurst.cargoHash " 2>&1 | tail -1) fi if [ ! -z "$CARGO_HASH" ]; then echo "New cargo hash: $CARGO_HASH" sed -i "s|cargoHash = \"[^\"]*\"|cargoHash = \"$CARGO_HASH\"|" pkgs/claurst/default.nix fi rm -f pkgs/claurst/default.nix.bak echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT - name: Validate nix flake if: steps.check_update.outputs.update_needed == 'true' run: | echo "Running nix flake check..." nix flake check --show-trace || true - name: Build claurst to verify changes if: steps.check_update.outputs.update_needed == 'true' run: | echo "Building updated claurst package..." nix build ".#artemision.config.environment.systemPackages" --no-eval-cache 2>&1 | tail -20 || true - name: Generate PR body if: steps.check_update.outputs.update_needed == 'true' id: pr_body run: | cat > pr_body.md << 'EOF' # Claurst Update Automated claurst package update. **Changes:** - Version: `${{ steps.current.outputs.version }}` → `${{ steps.update.outputs.version }}` - Source hash updated - Cargo hash updated Auto-generated by [update-claurst.yml][1]. [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml EOF cat pr_body.md - name: Create Pull Request if: steps.check_update.outputs.update_needed == 'true' uses: https://nayeonie.com/ahuston-0/create-pull-request@main with: token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} add-paths: pkgs/claurst/default.nix body-path: pr_body.md author: '"github-actions[bot]" ' title: "automated: Update claurst to ${{ steps.update.outputs.version }}" commit-message: | automated: Update claurst to ${{ steps.update.outputs.version }} - Bumped version from ${{ steps.current.outputs.version }} to ${{ steps.update.outputs.version }} - Updated src and cargo hashes Auto-generated by [update-claurst.yml][1]. [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/update-claurst.yml branch: update-claurst delete-branch: true pr-labels: | dependencies automated - name: Print PR result if: steps.check_update.outputs.update_needed == 'true' run: | echo "Pull request created successfully" echo "Version updated: ${{ steps.current.outputs.version }} → ${{ steps.update.outputs.version }}" permissions: pull-requests: write contents: write