9999d33b51
updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
70 lines
1.7 KiB
YAML
70 lines
1.7 KiB
YAML
name: Update lockfiles
|
|
|
|
on:
|
|
schedule:
|
|
# run every friday
|
|
- cron: "0 0 * * 5"
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
update:
|
|
name: Run update
|
|
runs-on: ubuntu-latest
|
|
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
|
|
env:
|
|
PR_BRANCH: "update-lockfiles"
|
|
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Install Nix
|
|
uses: cachix/install-nix-action@V27
|
|
|
|
- name: Set Git user info
|
|
run: |
|
|
git config user.name 'github-actions[bot]'
|
|
git config user.email 'github-actions[bot]@users.noreply.github.com'
|
|
|
|
- name: Create new branch
|
|
id: branch
|
|
run: |
|
|
git switch -c "$PR_BRANCH"
|
|
|
|
- name: Update flake inputs
|
|
run: |
|
|
pushd dev
|
|
|
|
nix flake update \
|
|
--commit-lock-file \
|
|
--commit-lockfile-summary "chore: update dev flake inputs"
|
|
|
|
popd
|
|
|
|
- name: Update port sources
|
|
run: |
|
|
nix run --inputs-from ./dev nixpkgs#npins -- update --directory ./.sources
|
|
if ! git diff --color=always --exit-code; then
|
|
git commit -am "chore: update port sources"
|
|
fi
|
|
|
|
- name: Make PR if needed
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
if ! git diff --color=always --exit-code origin/main; then
|
|
git fetch origin "$PR_BRANCH" || true
|
|
git push --force-with-lease -u origin "$PR_BRANCH"
|
|
|
|
open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
|
|
if [ "$open_prs" -eq 0 ]; then
|
|
gh pr create \
|
|
--base main \
|
|
--head "$PR_BRANCH" \
|
|
--title "chore: update lockfiles" \
|
|
--fill
|
|
fi
|
|
fi
|