rose-pine-nix/.github/workflows/update-lock.yml
dependabot[bot] 9999d33b51
ci: bump cachix/install-nix-action from 26 to 27 (#180)
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-20 20:08:27 -04:00

70 lines
1.7 KiB
YAML

name: Update lockfiles
on:
schedule:
# run every friday
- cron: "0 0 * * 5"
workflow_dispatch:
jobs:
update:
name: Run update
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
env:
PR_BRANCH: "update-lockfiles"
steps:
- uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@V27
- name: Set Git user info
run: |
git config user.name 'github-actions[bot]'
git config user.email 'github-actions[bot]@users.noreply.github.com'
- name: Create new branch
id: branch
run: |
git switch -c "$PR_BRANCH"
- name: Update flake inputs
run: |
pushd dev
nix flake update \
--commit-lock-file \
--commit-lockfile-summary "chore: update dev flake inputs"
popd
- name: Update port sources
run: |
nix run --inputs-from ./dev nixpkgs#npins -- update --directory ./.sources
if ! git diff --color=always --exit-code; then
git commit -am "chore: update port sources"
fi
- name: Make PR if needed
env:
GH_TOKEN: ${{ github.token }}
run: |
if ! git diff --color=always --exit-code origin/main; then
git fetch origin "$PR_BRANCH" || true
git push --force-with-lease -u origin "$PR_BRANCH"
open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
if [ "$open_prs" -eq 0 ]; then
gh pr create \
--base main \
--head "$PR_BRANCH" \
--title "chore: update lockfiles" \
--fill
fi
fi