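# Scheduled maintenance workflow: refreshes the dev flake lock file and the
# npins-managed port sources on a dedicated branch, then opens a pull request
# against main if that branch differs from it and no PR exists yet.
name: Update lockfiles

on:
  schedule:
    # run every friday (00:00 UTC)
    - cron: "0 0 * * 5"
  workflow_dispatch:

jobs:
  update:
    name: Run update
    runs-on: ubuntu-latest

    # Token scopes are declared on the job, so anything not listed here is
    # withheld from the token. contents:write is needed for the branch push,
    # pull-requests:write for `gh pr create`.
    permissions:
      contents: write
      pull-requests: write

    env:
      PR_BRANCH: "update-lockfiles"

    steps:
      # NOTE(review): both actions below are referenced by mutable version
      # tags while this job holds a write-scoped token. Pinning each to a full
      # commit SHA would keep a moved tag from changing what runs here.
      - uses: actions/checkout@v4

      - name: Install Nix
        uses: cachix/install-nix-action@v26

      # Commits created below are attributed to the Actions bot identity.
      - name: Set Git user info
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'

      - name: Create new branch
        id: branch
        run: |
          git switch -c "$PR_BRANCH"

      # `--commit-lock-file` makes nix create the commit itself, and only when
      # the lock file actually changed.
      - name: Update flake inputs
        run: |
          pushd dev
          nix flake update \
            --commit-lock-file \
            --commit-lockfile-summary "chore: update dev flake inputs"
          popd

      # npins is taken from the nixpkgs revision locked in ./dev. A commit is
      # made only when tracked files changed (`git diff --exit-code` returns
      # non-zero on a difference).
      - name: Update port sources
        run: |
          nix run --inputs-from ./dev nixpkgs#npins -- update --directory ./.sources

          if ! git diff --color=always --exit-code; then
            git commit -am "chore: update port sources"
          fi

      # NOTE(review): pull requests opened with the built-in github.token do
      # not start other workflows' pull_request runs; confirm that the checks
      # this repository requires still run on the resulting PR.
      - name: Make PR if needed
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          # Without pipefail a failing `gh pr list` is masked by `wc -l`,
          # which would report 0 open PRs and fall through to `gh pr create`.
          set -o pipefail

          if ! git diff --color=always --exit-code origin/main; then
            # Best-effort fetch: the branch may not exist on the remote yet.
            # Presumably this also refreshes the remote-tracking ref that
            # --force-with-lease compares against, so an existing bot branch
            # is overwritten by the push - TODO confirm.
            git fetch origin "$PR_BRANCH" || true
            git push --force-with-lease -u origin "$PR_BRANCH"

            # Piped `gh pr list` output is one line per open PR.
            open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
            if [ "$open_prs" -eq 0 ]; then
              gh pr create \
                --base main \
                --head "$PR_BRANCH" \
                --title "chore: update lockfiles" \
                --fill
            fi
          fi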