fix: Re-introduce inputs.pr-title

This is to allow users to override the PR title since the commit message as well as title are processed differently which may lead to errors in how they are displayed. For example, the commit message needs quotations to be escaped

.github/workflows/ci.yml

@@ -1,17 +0,0 @@
-name: CI
-on:
-  pull_request:
-  push:
-    branches: [main]
-
-jobs:
-  shellcheck:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          fetch-depth: 0
-      - name: Install Nix
-        uses: cachix/install-nix-action@v16
-      - name: Shellcheck
-        run: nix-shell --run 'shellcheck $(find . -type f -name "*.sh" -executable)'

.github/workflows/update.yml

@@ -1,19 +0,0 @@
-name: update-flake-lock
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '0 0 * * 0'
-
-jobs:
-  lockfile:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v2
-      - name: Install Nix
-        uses: cachix/install-nix-action@v16
-        with:
-          extra_nix_config: |
-            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
-      - name: Update flake.lock
-        uses: ./.

.github/workflows/validate.yml

@@ -0,0 +1,20 @@
+name: CI
+on:
+  pull_request:
+  push:
+    branches: [main]
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Validate YAML
+        uses: nwisbeta/validate-yaml-schema@v1.0.3
+        with:
+          yamlSchemasJson: |
+            {
+              "https://json.schemastore.org/github-action.json": ["action.yml"]
+            }

README.md

@@ -27,7 +27,12 @@ jobs:
           extra_nix_config: |
             access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
       - name: Update flake.lock
-        uses: DeterminateSystems/update-flake-lock@v3
+        uses: DeterminateSystems/update-flake-lock@vX
+        with:
+          pr-title: "Update flake.lock" # Title of PR to be created
+          pr-labels: |                  # Labels to be set on the PR
+            dependencies
+            automated
 ```
 
 ## Example updating specific input(s)
@@ -62,7 +67,11 @@ jobs:
 
 ## Running GitHub Actions CI
 
-GitHub Actions will not run workflows when a branch is pushed by or a PR is opened by a GitHub Action. To work around this, try:
+GitHub Actions will not run workflows when a branch is pushed by or a PR is opened by a GitHub Action. There are two ways to have GitHub Actions CI run on a PR submitted by this action.
+
+### Without a Personal Authentication Token
+
+Without using a Personal Authentication Token, you can manually run the following to kick off a CI run:
 
 ```
 git branch -D update_flake_lock_action
@@ -72,6 +81,32 @@ git commit --amend --no-edit
 git push origin update_flake_lock_action --force
 ```
 
+### With a Personal Authentication Token
+
+By providing a Personal Authentication Token, the PR will be submitted in a way that bypasses this limitation (GitHub will essentially think it is the owner of the PAT submitting the PR, and not an Action).
+You can create a token by visiting https://github.com/settings/tokens and select at least the `repo` scope. Then, store this token in your repository secrets (i.e. 'https://github.com/<USER>/<REPO>/settings/secrets/actions') as `GH_TOKEN_FOR_UPDATES` and set up your workflow file like the following:
+
+```yaml
+name: update-flake-lock
+on:
+  workflow_dispatch: # allows manual triggering
+  schedule:
+    - cron: '0 0 * * 1,4' # Run twice a week
+
+jobs:
+  lockfile:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+      - name: Install Nix
+        uses: cachix/install-nix-action@v16
+      - name: Update flake.lock
+        uses: DeterminateSystems/update-flake-lock@vX
+        with:
+          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
+```
+
 ## Contributing
 
 Feel free to send a PR or open an issue if you find something functions unexpectedly! Please make sure to test your changes and update any related documentation before submitting your PR.

action.yml

@@ -5,10 +5,35 @@ inputs:
     description: 'A space-separated list of inputs to update. Leave empty to update all inputs.'
     required: false
     default: ''
+  token:
+    description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
+    required: false
+    default: ${{ github.token }}
+  commit-msg:
+    description: 'The message provided with the commit'
+    required: false
+    default: "flake.lock: Update"
+  pr-title:
+    description: 'The title of the PR to be created'
+    required: false
+    default: "flake.lock: Update"
+  pr-labels:
+    description: 'A comma or newline separated list of labels to set on the Pull Request to be created'
+    required: false
+    default: ''
 runs:
   using: "composite"
   steps:
-    - run: ./update-input-or-inputs.sh ${{ inputs.inputs }}
+    - run: |
+        if [[ -n '${{ inputs.inputs }}' ]]; then
+          inputs=()
+          for input in ${{ inputs.inputs }}; do
+            inputs+=("--update-input" "$input")
+          done
+          nix flake lock "${inputs[@]}" --commit-lock-file --commit-lockfile-summary "${{ inputs.commit-msg }}"
+        else
+          nix flake update --commit-lock-file --commit-lockfile-summary "${{ inputs.commit-msg }}"
+        fi
       shell: bash
       env:
         GIT_AUTHOR_NAME: github-actions[bot]
@@ -28,7 +53,9 @@ runs:
       with:
         branch: update_flake_lock_action
         delete-branch: true
-        title: "flake.lock: Update"
+        title: ${{ inputs.pr-title }}
+        token: ${{ inputs.token }}
+        labels: ${{ inputs.pr-labels }}
         body: |
           Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
 

update-input-or-inputs.sh

@@ -1,12 +0,0 @@
-#!/usr/bin/env bash
-to_update=$*
-
-if [ -n "$to_update" ]; then
-  inputs=()
-  for input in $to_update; do
-    inputs+=("--update-input" "$input")
-  done
-  nix flake lock "${inputs[@]}" --commit-lock-file
-else
-  nix flake update --commit-lock-file
-fi