Compare commits
96 Commits
multiple-f
...
main
Author | SHA1 | Date | |
---|---|---|---|
ba7d516c46 | |||
a3c1072caa | |||
|
428c2b58a4 | ||
|
3690f88382 | ||
|
94658602a6 | ||
|
2a2fe68d85 | ||
|
e9a7860f3f | ||
|
acec67c2bb | ||
|
3ed2353766 | ||
|
11e4dfb59a | ||
|
dcd2ee07ca | ||
|
743a8831c3 | ||
|
5a493253cd | ||
|
a29375a98c | ||
|
6f149b7268 | ||
|
5d4194e238 | ||
|
632f41e585 | ||
|
f033bc83d7 | ||
|
c28c313ee6 | ||
|
de73a6ec43 | ||
|
191583413a | ||
|
a7d610b592 | ||
|
f1ea6b125e | ||
|
355885e85b | ||
|
17889577d9 | ||
|
e0f01aff56 | ||
|
6f83ef312f | ||
|
68fc9d463e | ||
|
8df4e70f64 | ||
|
ad4544a038 | ||
|
f258f6b8ca | ||
|
149faa1ed4 | ||
|
84feadbac6 | ||
|
867f274467 | ||
|
605b78f787 | ||
|
1a5f8176b6 | ||
|
43e7b633e9 | ||
|
7689af81f5 | ||
|
b81e46d8dd | ||
|
edf12a038d | ||
|
97278a027b | ||
|
062b9f53fa | ||
|
84d025eee7 | ||
|
2eaf7beabb | ||
|
2a1e64c750 | ||
|
c319d26b5f | ||
|
37001efe5b | ||
|
f319391080 | ||
|
7f50ffb42b | ||
|
c6435de337 | ||
|
01b415ecee | ||
|
42aa906d7f | ||
|
8b0105d445 | ||
|
9e4b6cbbef | ||
|
43a3cfc807 | ||
|
97b24ed38a | ||
|
c7af1d9132 | ||
|
ae207e3462 | ||
|
6b57c8dc27 | ||
|
e680567e78 | ||
|
6981b122f5 | ||
|
1666ee39f3 | ||
|
6530cb6c3e | ||
|
3a90118afa | ||
|
460b95a768 | ||
|
ae18c965c1 | ||
|
1d8d1b0210 | ||
|
d58eff8f1d | ||
|
8d81dfe006 | ||
|
f71609bc55 | ||
|
a522afcccd | ||
|
8368f542ad | ||
|
86cbeff68e | ||
|
e64717fb04 | ||
|
d99e45a16b | ||
|
208d8b0fa4 | ||
|
183c83b4bc | ||
|
0ba1118664 | ||
|
236c0fa397 | ||
|
8fa6d41e3f | ||
|
1360662aa3 | ||
|
531bd45244 | ||
|
1afac295f9 | ||
|
1cc1733537 | ||
|
965531f332 | ||
|
a2bbe0274e | ||
|
802501548e | ||
|
7d80c329b4 | ||
|
7bc6ec59cc | ||
|
4cf6b19203 | ||
|
73ba0ca899 | ||
|
24f53daa86 | ||
|
420fb2aaf7 | ||
|
db4ee38117 | ||
|
b0723e0fae | ||
|
af9a980c7d |
18
.github/workflows/ci.yml
vendored
18
.github/workflows/ci.yml
vendored
@ -1,4 +1,5 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
@ -6,15 +7,22 @@ on:
|
||||
|
||||
jobs:
|
||||
typescript-action:
|
||||
runs-on: ubuntu-22.04
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: read
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Enable magic Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@main
|
||||
- name: Check Nixpkgs
|
||||
uses: DeterminateSystems/flake-checker-action@main
|
||||
with:
|
||||
fail-mode: true
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Enable FlakeHub Cache
|
||||
uses: DeterminateSystems/flakehub-cache-action@main
|
||||
- name: Install pnpm dependencies
|
||||
run: nix develop --command pnpm install
|
||||
- name: Check formatting
|
||||
|
16
.github/workflows/update.yml
vendored
16
.github/workflows/update.yml
vendored
@ -1,4 +1,5 @@
|
||||
name: update-flake-lock
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
@ -6,16 +7,17 @@ on:
|
||||
|
||||
jobs:
|
||||
lockfile:
|
||||
runs-on: ubuntu-22.04
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
id-token: write
|
||||
contents: read
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Enable magic Nix cache
|
||||
uses: DeterminateSystems/magic-nix-cache-action@main
|
||||
- name: Check flake
|
||||
uses: DeterminateSystems/flake-checker-action@main
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Enable FlakeHub Cache
|
||||
uses: DeterminateSystems/flakehub-cache-action@main
|
||||
- name: Update flake.lock
|
||||
uses: ./.
|
||||
with:
|
||||
|
18
.github/workflows/upstream_sync.yml
vendored
Normal file
18
.github/workflows/upstream_sync.yml
vendored
Normal file
@ -0,0 +1,18 @@
|
||||
# .github/workflows/sync.yml
|
||||
name: Rebase Upstream
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 0 * * 0" # run once a week
|
||||
workflow_dispatch: # run manually
|
||||
|
||||
jobs:
|
||||
sync:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
with:
|
||||
fetch-depth: 10 # greater than the number of commits you made
|
||||
- uses: imba-tjd/rebase-upstream-action@master
|
||||
with: # all args are optional
|
||||
upstream: DeterminateSystems/update-flake-lock
|
||||
branch: main
|
3
.github/workflows/validate.yml
vendored
3
.github/workflows/validate.yml
vendored
@ -1,4 +1,5 @@
|
||||
name: CI
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
push:
|
||||
@ -6,7 +7,7 @@ on:
|
||||
|
||||
jobs:
|
||||
validate:
|
||||
runs-on: ubuntu-22.04
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
|
139
README.md
139
README.md
@ -1,15 +1,18 @@
|
||||
# update-flake-lock
|
||||
|
||||
This is a GitHub Action that will update your flake.lock file whenever it is run.
|
||||
This is a GitHub Action that updates the [`flake.lock`][lockfile] file for your [Nix flake][flakes] whenever it is run.
|
||||
|
||||
> **NOTE:** As of v3, this action will no longer automatically install Nix to the action runner. You **MUST** set up a Nix with flakes support enabled prior to running this action, or your workflow will not function as expected.
|
||||
> [!NOTE]
|
||||
> As of v3, this action no longer automatically installs [Determinate Nix][det-nix] to the action runner.
|
||||
> You **must** set up Nix with flakes support enabled prior to running this action or your workflow will not function as expected.
|
||||
|
||||
## Example
|
||||
|
||||
An example GitHub Action workflow using this action would look like the following:
|
||||
Here's an example GitHub Action workflow using this Action:
|
||||
|
||||
```yaml
|
||||
name: update-flake-lock
|
||||
|
||||
on:
|
||||
workflow_dispatch: # allows manual triggering
|
||||
schedule:
|
||||
@ -21,8 +24,8 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@main
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
@ -34,12 +37,14 @@ jobs:
|
||||
|
||||
## Example updating specific input(s)
|
||||
|
||||
> **NOTE**: If any inputs have a stale reference (e.g. the lockfile thinks a git input wants its "ref" to be "nixos-unstable", but the flake.nix specifies "nixos-unstable-small"), they will also be updated. At this time, there is no known workaround.
|
||||
> [!NOTE]
|
||||
> If any inputs have a stale reference (e.g. the lockfile thinks a git input wants its "ref" to be "nixos-unstable", but the flake.nix specifies "nixos-unstable-small"), they are also updated. At this time, there is no known workaround.
|
||||
|
||||
It is also possible to update specific inputs by specifying them in a space-separated list:
|
||||
It's also possible to update specific [flake inputs][inputs] by specifying them in a space-separated list:
|
||||
|
||||
```yaml
|
||||
name: update-flake-lock
|
||||
|
||||
on:
|
||||
workflow_dispatch: # allows manual triggering
|
||||
schedule:
|
||||
@ -51,17 +56,17 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
inputs: input1 input2 input3
|
||||
```
|
||||
|
||||
## Example adding options to nix command
|
||||
|
||||
It is also possible to use specific options to the nix command in a space separated list:
|
||||
It's also possible to use specific options to the `nix` command in a space-separated list:
|
||||
|
||||
```yaml
|
||||
name: update-flake-lock
|
||||
@ -76,10 +81,10 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
nix-options: --debug --log-format raw
|
||||
```
|
||||
@ -99,11 +104,11 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
id: update
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
inputs: input1 input2 input3
|
||||
- name: Print PR number
|
||||
@ -128,11 +133,11 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
if: ${{ github.event_name != 'pull_request' }}
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
inputs: input1 input2 input3
|
||||
path-to-flake-dir: 'nix/' # in this example our flake doesn't sit at the root of the repository, it sits under 'nix/flake.nix'
|
||||
@ -155,37 +160,30 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
git-author-name: 'Jane Author'
|
||||
git-author-email: 'github-actions[bot]@users.noreply.github.com'
|
||||
git-committer-name: 'John Committer'
|
||||
git-committer-email: 'github-actions[bot]@users.noreply.github.com'
|
||||
git-author-name: Jane Author
|
||||
git-author-email: github-actions[bot]@users.noreply.github.com
|
||||
git-committer-name: John Committer
|
||||
git-committer-email: github-actions[bot]@users.noreply.github.com
|
||||
```
|
||||
|
||||
## Running GitHub Actions CI
|
||||
|
||||
GitHub Actions will not run workflows when a branch is pushed by or a PR is opened by a GitHub Action. There are two ways to have GitHub Actions CI run on a PR submitted by this action.
|
||||
GitHub Actions doesn't run workflows when a branch is pushed by or a PR is opened by a GitHub Action.
|
||||
There are two ways to have GitHub Actions CI run on a PR submitted by this action.
|
||||
|
||||
### Without a Personal Authentication Token
|
||||
|
||||
Without using a Personal Authentication Token, you can manually run the following to kick off a CI run:
|
||||
|
||||
```
|
||||
git branch -D update_flake_lock_action
|
||||
git fetch origin
|
||||
git checkout update_flake_lock_action
|
||||
git commit --amend --no-edit
|
||||
git push origin update_flake_lock_action --force
|
||||
```
|
||||
Without using a Personal Authentication Token, close and reopen the pull request manually to kick off CI.
|
||||
|
||||
### With a Personal Authentication Token
|
||||
|
||||
By providing a Personal Authentication Token, the PR will be submitted in a way that bypasses this limitation (GitHub will essentially think it is the owner of the PAT submitting the PR, and not an Action).
|
||||
You can create a token by visiting https://github.com/settings/tokens and select at least the `repo` scope. Then, store this token in your repository secrets (i.e. `https://github.com/<USER>/<REPO>/settings/secrets/actions`) as `GH_TOKEN_FOR_UPDATES` and set up your workflow file like the following:
|
||||
By providing a Personal Authentication Token, the PR is submitted in a way that bypasses this limitation (GitHub essentially thinks it's the owner of the PAT submitting the PR, and not an Action).
|
||||
You can create a token by visiting https://github.com/settings/tokens and select at least the `repo` scope. For the new fine-grained tokens, you need to enable read and write access for "Contents" and "Pull Requests" permissions. Then, store this token in your repository secrets (i.e. `https://github.com/<USER>/<REPO>/settings/secrets/actions`) as `GH_TOKEN_FOR_UPDATES` and set up your workflow file like the following:
|
||||
|
||||
```yaml
|
||||
name: update-flake-lock
|
||||
@ -200,30 +198,34 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
|
||||
```
|
||||
|
||||
## With GPG commit signing
|
||||
|
||||
It's possible for the bot to produce GPG signed commits. Associating a GPG public key to a github user account is not required but it is necessary if you want the signed commits to appear as verified in Github. This can be a compliance requirement in some cases.
|
||||
It's possible for the bot to produce GPG-signed commits.
|
||||
Associating a GPG public key to a GitHub user account isn't required but it *is* necessary if you want the signed commits to appear as verified in Github.
|
||||
This can be a compliance requirement in some cases.
|
||||
|
||||
You can follow [Github's guide on creating and/or adding a new GPG key to an user account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-new-gpg-key-to-your-github-account). Using a specific github user account for the bot can be a good security measure to dissociate this bot's actions and commits from your personal github account.
|
||||
You can follow [GitHub's guide to creating and/or adding a new GPG key to an user account](https://docs.github.com/en/authentication/managing-commit-signature-verification/adding-a-new-gpg-key-to-your-github-account).
|
||||
Using a specific GitHub user account for the bot can be a good security measure to dissociate this bot's actions and commits from your personal GitHub account.
|
||||
|
||||
For the bot to produce signed commits, you will have to provide the GPG private keys to this action's input parameters. You can safely do that with [Github secrets as explained here](https://github.com/crazy-max/ghaction-import-gpg#prerequisites).
|
||||
For the bot to produce signed commits, you need to provide the GPG private keys to this action's input parameters. You can safely do that with [Github secrets as explained here](https://github.com/crazy-max/ghaction-import-gpg#prerequisites).
|
||||
|
||||
When using commit signing, the commit author name and email for the commits produced by this bot would correspond to the ones associated to the GPG Public Key.
|
||||
|
||||
If you want to sign using a subkey, you must specify the subkey fingerprint using the `gpg-fingerprint` input parameter.
|
||||
|
||||
You can find an example of how to using this action with commit signing below:
|
||||
Here's an example of how to using this action with commit signing:
|
||||
|
||||
```yaml
|
||||
name: update-flake-lock
|
||||
|
||||
on:
|
||||
workflow_dispatch: # allows manual triggering
|
||||
schedule:
|
||||
@ -235,10 +237,10 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
sign-commits: true
|
||||
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
|
||||
@ -248,18 +250,19 @@ jobs:
|
||||
|
||||
## Custom PR Body
|
||||
|
||||
By default the generated PR body is set to be the following template:
|
||||
By default, the generated PR body uses this template:
|
||||
|
||||
````handlebars
|
||||
Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
|
||||
|
||||
```
|
||||
````
|
||||
{{ env.GIT_COMMIT_MESSAGE }}
|
||||
````
|
||||
```
|
||||
|
||||
### Running GitHub Actions on this PR
|
||||
|
||||
GitHub Actions will not run workflows on pull requests which are opened by a GitHub Action.
|
||||
GitHub Actions doesn't run workflows on pull requests that are opened by a GitHub Action.
|
||||
|
||||
To run GitHub Actions workflows on this PR, run:
|
||||
|
||||
@ -272,12 +275,14 @@ git push origin update_flake_lock_action --force
|
||||
```
|
||||
````
|
||||
|
||||
However you can customize it, with variable interpolation performed with [Handlebars](https://handlebarsjs.com/). This allows you to customize the template with the following variables:
|
||||
- env.GIT_AUTHOR_NAME
|
||||
- env.GIT_AUTHOR_EMAIL
|
||||
- env.GIT_COMMITTER_NAME
|
||||
- env.GIT_COMMITTER_EMAIL
|
||||
- env.GIT_COMMIT_MESSAGE
|
||||
You can customize it, however, using variable interpolation performed with [Handlebars].
|
||||
This enables you to customize the template with these variables:
|
||||
|
||||
- `env.GIT_AUTHOR_NAME`
|
||||
- `env.GIT_AUTHOR_EMAIL`
|
||||
- `env.GIT_COMMITTER_NAME`
|
||||
- `env.GIT_COMMITTER_EMAIL`
|
||||
- `env.GIT_COMMIT_MESSAGE`
|
||||
|
||||
## Add assignees or reviewers
|
||||
|
||||
@ -297,10 +302,10 @@ jobs:
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v4
|
||||
- name: Install Nix
|
||||
uses: DeterminateSystems/nix-installer-action@v1
|
||||
- name: Install Determinate Nix
|
||||
uses: DeterminateSystems/determinate-nix-action@v3
|
||||
- name: Update flake.lock
|
||||
uses: DeterminateSystems/update-flake-lock@vX
|
||||
uses: DeterminateSystems/update-flake-lock@main
|
||||
with:
|
||||
pr-assignees: SomeGitHubUsername
|
||||
pr-reviewers: SomeOtherGitHubUsername,SomeThirdGitHubUsername
|
||||
@ -308,8 +313,16 @@ jobs:
|
||||
|
||||
## Contributing
|
||||
|
||||
Feel free to send a PR or open an issue if you find something functions unexpectedly! Please make sure to test your changes and update any related documentation before submitting your PR.
|
||||
Feel free to send a PR or open an issue if you find that something functions unexpectedly!
|
||||
Please make sure to test your changes and update any related documentation before submitting your PR.
|
||||
|
||||
### How to test changes
|
||||
|
||||
In order to more easily test your changes to this action, we have created a template repository that should point you in the right direction: https://github.com/DeterminateSystems/update-flake-lock-test-template. Please see the README in that repository for instructions on testing your changes.
|
||||
In order to more easily test your changes to this action, we have created a template repository that should point you in the right direction: https://github.com/DeterminateSystems/update-flake-lock-test-template.
|
||||
Please see the README in that repository for instructions on testing your changes.
|
||||
|
||||
[det-nix]: https://docs.determinate.systems/determinate-nix
|
||||
[flakes]: https://zero-to-nix.com/concepts/flakes
|
||||
[handlebars]: https://handlebarsjs.com
|
||||
[inputs]: https://zero-to-nix.com/concepts/flakes/#inputs
|
||||
[lockfile]: https://zero-to-nix.com/concepts/flakes/#lockfile
|
||||
|
19
action.yml
19
action.yml
@ -41,15 +41,7 @@ inputs:
|
||||
|
||||
GitHub Actions will not run workflows on pull requests which are opened by a GitHub Action.
|
||||
|
||||
To run GitHub Actions workflows on this PR, run:
|
||||
|
||||
```sh
|
||||
git branch -D update_flake_lock_action
|
||||
git fetch origin
|
||||
git checkout update_flake_lock_action
|
||||
git commit --amend --no-edit
|
||||
git push origin update_flake_lock_action --force
|
||||
```
|
||||
**To run GitHub Actions workflows on this PR, close and re-open this pull request.**
|
||||
|
||||
pr-labels:
|
||||
description: "A comma or newline separated list of labels to set on the Pull Request to be created"
|
||||
@ -106,6 +98,9 @@ outputs:
|
||||
pull-request-number:
|
||||
description: "The number of the opened pull request"
|
||||
value: ${{ steps.create-pr.outputs.pull-request-number }}
|
||||
pull-request-url:
|
||||
description: "The The URL of the opened pull request."
|
||||
value: ${{ steps.create-pr.outputs.pull-request-url }}
|
||||
pull-request-operation:
|
||||
description: "The pull request operation performed by the action, `created`, `updated` or `closed`."
|
||||
value: ${{ steps.create-pr.outputs.pull-request-operation }}
|
||||
@ -115,7 +110,7 @@ runs:
|
||||
- name: Import bot's GPG key for signing commits
|
||||
if: ${{ inputs.sign-commits == 'true' }}
|
||||
id: import-gpg
|
||||
uses: crazy-max/ghaction-import-gpg@v6
|
||||
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
|
||||
with:
|
||||
gpg_private_key: ${{ inputs.gpg-private-key }}
|
||||
fingerprint: ${{ inputs.gpg-fingerprint }}
|
||||
@ -190,7 +185,7 @@ runs:
|
||||
echo "$DELIMITER" >> $GITHUB_ENV
|
||||
echo "GIT_COMMIT_MESSAGE is: ${COMMIT_MESSAGE}"
|
||||
- name: Interpolate PR Body
|
||||
uses: pedrolamas/handlebars-action@v2.4.0
|
||||
uses: pedrolamas/handlebars-action@2995d7eadacbc8f2f6ab8431a01d84a5fa3b8bb4 # v2.4.0
|
||||
with:
|
||||
files: "pr_body.template"
|
||||
output-filename: "pr_body.txt"
|
||||
@ -207,7 +202,7 @@ runs:
|
||||
run: rm -f pr_body.txt pr_body.template
|
||||
- name: Create PR
|
||||
id: create-pr
|
||||
uses: peter-evans/create-pull-request@v6
|
||||
uses: https://nayeonie.com/ahuston-0/create-pull-request@6b3a86bf8bfe10eb458b00968a8fefe2f5f5a6c1 # v6.0.5
|
||||
with:
|
||||
base: ${{ inputs.base }}
|
||||
branch: ${{ inputs.branch }}
|
||||
|
74113
dist/index.js
vendored
74113
dist/index.js
vendored
File diff suppressed because one or more lines are too long
2
dist/index.js.map
vendored
2
dist/index.js.map
vendored
File diff suppressed because one or more lines are too long
10
flake.lock
generated
10
flake.lock
generated
@ -2,12 +2,12 @@
|
||||
"nodes": {
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1713537308,
|
||||
"narHash": "sha256-XtTSSIB2DA6tOv+l0FhvfDMiyCmhoRbNB+0SeInZkbk=",
|
||||
"rev": "5c24cf2f0a12ad855f444c30b2421d044120c66f",
|
||||
"revCount": 614481,
|
||||
"lastModified": 1746663147,
|
||||
"narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=",
|
||||
"rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54",
|
||||
"revCount": 796699,
|
||||
"type": "tarball",
|
||||
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.614481%2Brev-5c24cf2f0a12ad855f444c30b2421d044120c66f/018efa00-a443-7f41-b371-ce568b5c7e9f/source.tar.gz"
|
||||
"url": "https://api.flakehub.com/f/pinned/NixOS/nixpkgs/0.1.796699%2Brev-dda3dcd3fe03e991015e9a74b22d35950f264a54/0196b263-02b0-7dec-8aca-c2506ed2485f/source.tar.gz"
|
||||
},
|
||||
"original": {
|
||||
"type": "tarball",
|
||||
|
22
package.json
22
package.json
@ -26,22 +26,22 @@
|
||||
},
|
||||
"homepage": "https://github.com/DeterminateSystems/update-flake-lock#readme",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
"@actions/core": "^1.11.1",
|
||||
"@actions/exec": "^1.1.1",
|
||||
"detsys-ts": "github:DeterminateSystems/detsys-ts"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@trivago/prettier-plugin-sort-imports": "^4.3.0",
|
||||
"@typescript-eslint/eslint-plugin": "^7.11.0",
|
||||
"@vercel/ncc": "^0.38.1",
|
||||
"eslint": "^8.57.0",
|
||||
"eslint-import-resolver-typescript": "^3.6.1",
|
||||
"@typescript-eslint/eslint-plugin": "^7.18.0",
|
||||
"@vercel/ncc": "^0.38.3",
|
||||
"eslint": "^8.57.1",
|
||||
"eslint-import-resolver-typescript": "^3.10.1",
|
||||
"eslint-plugin-github": "^4.10.2",
|
||||
"eslint-plugin-import": "^2.29.1",
|
||||
"eslint-plugin-prettier": "^5.1.3",
|
||||
"prettier": "^3.2.5",
|
||||
"tsup": "^8.0.2",
|
||||
"typescript": "^5.4.5",
|
||||
"vitest": "^1.6.0"
|
||||
"eslint-plugin-import": "^2.31.0",
|
||||
"eslint-plugin-prettier": "^5.4.0",
|
||||
"prettier": "^3.5.3",
|
||||
"tsup": "^8.4.0",
|
||||
"typescript": "^5.8.3",
|
||||
"vitest": "^3.1.3"
|
||||
}
|
||||
}
|
||||
|
7046
pnpm-lock.yaml
generated
7046
pnpm-lock.yaml
generated
File diff suppressed because it is too large
Load Diff
@ -54,6 +54,7 @@ class UpdateFlakeLockAction extends DetSysAction {
|
||||
|
||||
const execOptions: actionsExec.ExecOptions = {
|
||||
cwd: this.pathToFlakeDir !== null ? this.pathToFlakeDir : undefined,
|
||||
ignoreReturnCode: true,
|
||||
};
|
||||
|
||||
const exitCode = await actionsExec.exec("nix", nixCommandArgs, execOptions);
|
||||
|
@ -24,7 +24,8 @@ test("Nix command arguments", () => {
|
||||
"flake",
|
||||
"update",
|
||||
"--commit-lock-file",
|
||||
"--commit-lockfile-summary",
|
||||
"--option",
|
||||
"commit-lockfile-summary",
|
||||
"just testing",
|
||||
],
|
||||
},
|
||||
@ -42,7 +43,8 @@ test("Nix command arguments", () => {
|
||||
"--update-input",
|
||||
"rust-overlay",
|
||||
"--commit-lock-file",
|
||||
"--commit-lockfile-summary",
|
||||
"--option",
|
||||
"commit-lockfile-summary",
|
||||
"just testing",
|
||||
],
|
||||
},
|
||||
@ -57,7 +59,8 @@ test("Nix command arguments", () => {
|
||||
"flake",
|
||||
"update",
|
||||
"--commit-lock-file",
|
||||
"--commit-lockfile-summary",
|
||||
"--option",
|
||||
"commit-lockfile-summary",
|
||||
"just testing",
|
||||
],
|
||||
},
|
||||
|
15
src/nix.ts
15
src/nix.ts
@ -9,10 +9,23 @@ export function makeNixCommandArgs(
|
||||
input,
|
||||
]);
|
||||
|
||||
// NOTE(cole-h): In Nix versions 2.23.0 and later, `commit-lockfile-summary` became an alias to
|
||||
// the setting `commit-lock-file-summary` (https://github.com/NixOS/nix/pull/10691), and Nix does
|
||||
// not treat aliases the same as their "real" setting by requiring setting aliases to be
|
||||
// configured via `--option <alias name> <option value>`
|
||||
// (https://github.com/NixOS/nix/issues/10989).
|
||||
// So, we go the long way so that we can support versions both before and after Nix 2.23.0.
|
||||
const lockfileSummaryFlags = [
|
||||
"--option",
|
||||
"commit-lockfile-summary",
|
||||
commitMessage,
|
||||
];
|
||||
|
||||
const updateLockMechanism = flakeInputFlags.length === 0 ? "update" : "lock";
|
||||
|
||||
return nixOptions
|
||||
.concat(["flake", updateLockMechanism])
|
||||
.concat(flakeInputFlags)
|
||||
.concat(["--commit-lock-file", "--commit-lockfile-summary", commitMessage]);
|
||||
.concat(["--commit-lock-file"])
|
||||
.concat(lockfileSummaryFlags);
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user