jolly winter cleanup (#251)

* ci: bump DeterminateSystems/nix-installer-action from 13 to 16 Bumps [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action) from 13 to 16. - [Release notes](https://github.com/determinatesystems/nix-installer-action/releases) - [Commits](https://github.com/determinatesystems/nix-installer-action/compare/v13...v16) --- updated-dependencies: - dependency-name: DeterminateSystems/nix-installer-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * crates: bump serde from 1.0.209 to 1.0.215 Bumps [serde](https://github.com/serde-rs/serde) from 1.0.209 to 1.0.215. - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.209...v1.0.215) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * crates: bump serde_json from 1.0.127 to 1.0.133 Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.127 to 1.0.133. - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.127...v1.0.133) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * crates: bump tokio from 1.40.0 to 1.41.1 Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.40.0 to 1.41.1. - [Release notes](https://github.com/tokio-rs/tokio/releases) - [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.40.0...tokio-1.41.1) --- updated-dependencies: - dependency-name: tokio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * crates: bump reqwest from 0.12.7 to 0.12.9 Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.7 to 0.12.9. - [Release notes](https://github.com/seanmonstar/reqwest/releases) - [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md) - [Commits](https://github.com/seanmonstar/reqwest/compare/v0.12.7...v0.12.9) --- updated-dependencies: - dependency-name: reqwest dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * nix: update flake.lock * ci: bump DeterminateSystems/magic-nix-cache-action from 7 to 8 Bumps [DeterminateSystems/magic-nix-cache-action](https://github.com/determinatesystems/magic-nix-cache-action) from 7 to 8. - [Release notes](https://github.com/determinatesystems/magic-nix-cache-action/releases) - [Commits](https://github.com/determinatesystems/magic-nix-cache-action/compare/v7...v8) --- updated-dependencies: - dependency-name: DeterminateSystems/magic-nix-cache-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> * treewide: debrand * nix: adopt new darwin sdk * nix: drop treefmt * nix: misc formatting changes * ci: cleanup * nix: pass version info to static builds * nix: mv {derivation,package}.nix * eyre -> anyhow * remove 2024 edition warnings * format with rustfmt * remove optional commands * ci: don't include internal variables in job names * nix: enable for lto builds --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: getchoo-bot[bot] <183349775+getchoo-bot[bot]@users.noreply.github.com>
author: seth <[email protected]> 2024-12-19 16:26:18 -0500
committer: GitHub <[email protected]> 2024-12-19 21:26:18 +0000
commit: 2ae2b978f3fad7a58cb129333b36a210bb200488 (patch)
tree: ef12b9e1a29462c4de6b787fcf9c34d80b563b9f /.github
parent: 77309844e6b890544bc4eea7f03bbafe493ba61e (diff)
5 files changed, 154 insertions, 156 deletions
diff --git a/.github/workflows/autobot.yaml b/.github/workflows/autobot.yaml
index f1ebe4e..129eb80 100644
--- a/.github/workflows/autobot.yaml
+++ b/.github/workflows/autobot.yaml
@@ -1,31 +1,34 @@
-name: Auto-merge Dependabot
+name: "Auto-merge Dependabot"
 
-on: pull_request
+on:
+  pull_request:
 
 jobs:
   automerge:
-    name: Check and merge PR
-    if: github.actor == 'dependabot[bot]'
+    name: "Check and merge PR"
 
-    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+
+    runs-on: "ubuntu-latest"
 
     steps:
-      - name: Generate GitHub App token
-        uses: actions/create-github-app-token@v1
-        id: app-token
+      - name: "Generate GitHub App token"
+        uses: "actions/create-github-app-token@v1"
+        id: "app-token"
         with:
           app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
 
-      - name: Fetch metadata
-        uses: dependabot/fetch-metadata@v2
-        id: metadata
+      - name: "Fetch metadata"
+        uses: "dependabot/fetch-metadata@v2"
+        id: "metadata"
         with:
           github-token: ${{ steps.app-token.outputs.token }}
 
-      - name: Enable auto-merge
+      - name: "Enable auto-merge"
         if: ${{ steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor' }}
-        run: gh pr merge --auto --squash "$PR"
         env:
-          PR: ${{ github.event.pull_request.html_url }}
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
+          PR: ${{ github.event.pull_request.html_url }}
+        run: |
+          gh pr merge --auto --squash "$PR"
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index f084a2a..68f9f35 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -1,8 +1,8 @@
-name: CI
+name: "CI"
 
 on:
   push:
-    branches: [main]
+    branches: [ "main" ]
     paths:
       - "**.nix"
       - "**.rs"
@@ -18,71 +18,64 @@ on:
 
 jobs:
   build:
-    name: Build
+    name: "Build (${{ matrix.os }})"
 
     strategy:
       fail-fast: false
       matrix:
-        os: [macos-latest, windows-latest]
+        include:
+          - os: "ubuntu-latest"
+            use-nix: true
+          - os: "windows-latest"
+            use-nix: false
 
     runs-on: ${{ matrix.os }}
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
 
-      - name: Install Rust
-        uses: actions-rust-lang/setup-rust-toolchain@v1
+      - name: "Install Nix"
+        if: ${{ matrix.use-nix }}
+        uses: "cachix/install-nix-action@v30"
 
-      - name: Run build
-        run: |
-          cargo build --locked --release
-
-  nix:
-    name: Nix
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v13
+      - name: "Setup Nix cache"
+        if: ${{ matrix.use-nix }}
+        uses: "DeterminateSystems/magic-nix-cache-action@v8"
 
-      - name: Setup Nix cache
-        uses: DeterminateSystems/magic-nix-cache-action@v7
+      - name: "Install Rust"
+        if: ${{ !matrix.use-nix }}
+        uses: "actions-rust-lang/setup-rust-toolchain@v1"
 
-      - name: Run flake checks
+      - name: "Run cargo build"
+        if: ${{ !matrix.use-nix }}
         run: |
-          nix build --print-build-logs --show-trace
-
-  rustfmt:
-    name: Rustfmt
-
-    runs-on: ubuntu-latest
+          cargo build --locked --release
 
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Evaluate flake.nix"
+        if: ${{ matrix.use-nix }}
+        run: nix flake check --no-build --show-trace
 
-      - name: Install Rust
-        uses: actions-rust-lang/setup-rust-toolchain@v1
-        with:
-          components: rustfmt
+      - name: "Run nix build"
+        if: ${{ matrix.use-nix }}
+        run: |
+          nix build --print-build-logs
 
-      - name: Run rustfmt
-        uses: actions-rust-lang/rustfmt@v1
+      - name: "Build Flake checks"
+        if: ${{ matrix.os == 'ubuntu-latest' }}
+        run: |
+          nix flake check --print-build-logs
 
   release-gate:
-    name: CI Release gate
-    needs: [build, rustfmt, nix]
+    name: "CI Release gate"
+    needs: [ "build" ]
 
     if: ${{ always() }}
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     steps:
-      - name: Exit with error
-        if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
-        run: exit 1
+      - name: "Exit with error"
+        if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
+        run: |
+          exit 1
diff --git a/.github/workflows/clippy.yaml b/.github/workflows/clippy.yaml
index cd99256..138e418 100644
--- a/.github/workflows/clippy.yaml
+++ b/.github/workflows/clippy.yaml
@@ -1,56 +1,54 @@
-name: Clippy
+name: "Clippy"
 
 on:
   push:
-    branches: [main]
+    branches: [ "main" ]
     paths:
-      - 'Cargo.toml'
-      - 'Cargo.lock'
-      - '**.rs'
+      - "**.rs"
+      - "**.lock"
+      - "Cargo.toml"
+      - "flake.nix"
+
+      - ".github/workflows/clippy.yaml"
   pull_request:
     paths:
-      - 'Cargo.toml'
-      - 'Cargo.lock'
-      - '**.rs'
+      - "**.rs"
+      - "**.lock"
+      - "Cargo.toml"
+      - "flake.nix"
+
+      - ".github/workflows/clippy.yaml"
   workflow_dispatch:
 
 jobs:
   clippy:
-    name: Run scan
+    name: "Run scan"
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     permissions:
-      security-events: write
+      contents: "read"
+      security-events: "write"
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
 
-      - name: Install Rust
-        uses: actions-rust-lang/setup-rust-toolchain@v1
-        with:
-          components: clippy
+      - name: "Install Nix"
+        uses: "cachix/install-nix-action@v30"
 
-      - name: Install SARIF tools
-        run: |
-          cargo install clippy-sarif sarif-fmt
+      - name: "Setup Nix cache"
+        uses: "DeterminateSystems/magic-nix-cache-action@v8"
 
-      - name: Fetch Cargo deps
+      - name: "Run Clippy"
+        id: "clippy-run"
         run: |
-          cargo fetch --locked
+          nix build --print-build-logs .#checks.x86_64-linux.clippy-sarif
+          [ -L result ] || exit 1
+          echo "sarif-file=$(readlink -f result)" >> "$GITHUB_OUTPUT"
 
-      - name: Run Clippy
-        continue-on-error: true
-        run: |
-          cargo clippy \
-            --all-features \
-            --all-targets \
-            --message-format=json \
-          | clippy-sarif | tee /tmp/clippy.sarif | sarif-fmt
-
-      - name: Upload results
-        uses: github/codeql-action/upload-sarif@v3
+      - name: "Upload results"
+        uses: "github/codeql-action/upload-sarif@v3"
         with:
-          sarif_file: /tmp/clippy.sarif
+          sarif_file: ${{ steps.clippy-run.outputs.sarif-file }}
           wait-for-processing: true
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 0bb28ad..fe8cffd 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -1,8 +1,8 @@
-name: Docker
+name: "Docker"
 
 on:
   push:
-    branches: [main]
+    branches: [ "main" ]
     paths:
       - "**.nix"
       - "**.rs"
@@ -18,27 +18,27 @@ on:
 
 jobs:
   build:
-    name: Build image
+    name: "Build image"
 
     strategy:
       fail-fast: false
       matrix:
-        arch: [amd64, arm64]
+        arch: [ "amd64", "arm64" ]
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
 
-      - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v13
+      - name: "Install Nix"
+        uses: "cachix/install-nix-action@v30"
 
-      - name: Setup Nix cache
-        uses: DeterminateSystems/magic-nix-cache-action@v7
+      - name: "Setup Nix cache"
+        uses: "DeterminateSystems/magic-nix-cache-action@v8"
 
-      - name: Build Docker image
-        id: build
+      - name: "Build Docker image"
+        id: "build"
         env:
           ARCH: ${{ matrix.arch }}
         run: |
@@ -51,67 +51,69 @@ jobs:
           [ ! -L result ] && exit 1
           echo "path=$(readlink -f ./result)" >> "$GITHUB_OUTPUT"
 
-      - name: Upload image
-        uses: actions/upload-artifact@v4
+      - name: "Upload image"
+        uses: "actions/upload-artifact@v4"
         with:
-          name: container-${{ matrix.arch }}
+          name: "container-${{ matrix.arch }}"
           path: ${{ steps.build.outputs.path }}
-          if-no-files-found: error
+          if-no-files-found: "error"
           retention-days: 1
 
   release-gate:
-    name: Docker Release Gate
-    needs: build
+    name: "Docker Release Gate"
+    needs: [ "build" ]
 
-    if: always()
+    if: ${{ always() }}
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     steps:
-      - name: Exit with error
-        if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
-        run: exit 1
+      - name: "Exit with error"
+        if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
+        run: |
+          exit 1
 
   push:
-    name: Push image
-    needs: release-gate
+    name: "Push image"
+    needs: [ "release-gate" ]
 
-    if: github.event_name == 'push'
+    if: ${{ github.event_name == 'push' }}
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     permissions:
-      packages: write
+      contents: "read"
+      packages: "write"
 
     env:
-      REGISTRY: ghcr.io
+      REGISTRY: "ghcr.io"
       USERNAME: ${{ github.actor }}
-      IMAGE_NAME: teawie-bot
+      IMAGE_NAME: "chill-discord-bot"
 
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
 
-      - name: Download images
-        uses: actions/download-artifact@v4
+      - name: "Download images"
+        uses: "actions/download-artifact@v4"
         with:
-          path: images
+          path: "images"
 
-      - name: Login to registry
-        uses: docker/login-action@v3
+      - name: "Login to registry"
+        uses: "docker/login-action@v3"
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ env.USERNAME }}
           password: ${{ github.token }}
 
-      - name: Push to registry
+      - name: "Push to registry"
         env:
           TAG: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
         run: |
           architectures=("amd64" "arm64")
           for arch in "${architectures[@]}"; do
             docker load < images/container-"$arch"/*.tar.gz
-            docker tag teawie-bot:latest-"$arch" "$TAG"-"$arch"
+            docker tag chill-discord-bot:latest-"$arch" "$TAG"-"$arch"
             docker push "$TAG"-"$arch"
           done
 
diff --git a/.github/workflows/update-flake.yaml b/.github/workflows/update-flake.yaml
index 4473811..22e498f 100644
--- a/.github/workflows/update-flake.yaml
+++ b/.github/workflows/update-flake.yaml
@@ -1,49 +1,51 @@
-name: Update flake.lock
+name: "Update flake.lock"
 
 on:
   schedule:
-    # run every saturday
-    - cron: "0 0 * * 6"
+    # Run on the 1st and 15th of every month
+    - cron: "0 0 1,15 * *"
   workflow_dispatch:
 
 jobs:
   update:
-    name: Run update & create PR
+    name: "Run update & create PR"
 
-    runs-on: ubuntu-latest
+    runs-on: "ubuntu-latest"
 
     steps:
-      - name: Generate GitHub App token
-        uses: actions/create-github-app-token@v1
-        id: app-token
+      - name: "Generate GitHub App token"
+        uses: "actions/create-github-app-token@v1"
+        id: "app-token"
         with:
           app-id: ${{ vars.APP_ID }}
           private-key: ${{ secrets.PRIVATE_KEY }}
 
-      - name: Checkout repository
-        uses: actions/checkout@v4
+      - name: "Checkout repository"
+        uses: "actions/checkout@v4"
         with:
           token: ${{ steps.app-token.outputs.token }}
 
-      - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v14
+      - name: "Install Nix"
+        uses: "cachix/install-nix-action@v30"
 
-      - name: Run update
-        run: nix flake update
+      - name: "Run update"
+        run: |
+          nix flake update
 
-      - name: Create pull request
-        id: pull-request
-        uses: peter-evans/create-pull-request@v7
+      - name: "Create pull request"
+        id: "pull-request"
+        uses: "peter-evans/create-pull-request@v7"
         with:
-          branch: update-flake-lock
+          branch: "update-flake-lock"
           commit-message: "nix: update flake.lock"
           title: "nix: update flake.lock"
           token: ${{ steps.app-token.outputs.token }}
           sign-commits: true
 
-      - name: Enable auto-merge
+      - name: "Enable auto-merge"
         if: ${{ env.PR_ID != '' }}
-        run: gh pr merge --auto --squash "$PR_ID"
         env:
-          PR_ID: ${{ steps.pull-request.outputs.pull-request-number }}
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
+          PR_ID: ${{ steps.pull-request.outputs.pull-request-number }}
+        run: |
+          gh pr merge --auto --squash "$PR_ID"
author	seth <[email protected]>	2024-12-19 16:26:18 -0500
committer	GitHub <[email protected]>	2024-12-19 21:26:18 +0000
commit	2ae2b978f3fad7a58cb129333b36a210bb200488 (patch)
tree	ef12b9e1a29462c4de6b787fcf9c34d80b563b9f /.github
parent	77309844e6b890544bc4eea7f03bbafe493ba61e (diff)