diff options
Diffstat (limited to '.github/workflows/update-flake.yaml')
| -rw-r--r-- | .github/workflows/update-flake.yaml | 60 |
1 files changed, 48 insertions, 12 deletions
diff --git a/.github/workflows/update-flake.yaml b/.github/workflows/update-flake.yaml index 3726908..a3a6293 100644 --- a/.github/workflows/update-flake.yaml +++ b/.github/workflows/update-flake.yaml @@ -1,4 +1,4 @@ -name: Update flake.lock +name: Update lockfiles on: schedule: @@ -8,29 +8,65 @@ on: jobs: update: + name: Run update runs-on: ubuntu-latest permissions: contents: write pull-requests: write + env: + PR_BRANCH: "update-lockfiles" + steps: - - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 - name: Install Nix uses: DeterminateSystems/nix-installer-action@v10 - - name: Update lockfile & make PR - uses: DeterminateSystems/update-flake-lock@v21 - id: update - with: - commit-msg: "flake: update inputs" - pr-title: "flake: update inputs" - token: ${{ github.token }} + - name: Set Git user info + run: | + git config user.name 'github-actions[bot]' + git config user.email 'github-actions[bot]@users.noreply.github.com' + + - name: Create new branch + id: branch + run: | + git switch -c "$PR_BRANCH" + + - name: Update flake inputs + run: | + pushd nix/dev + nix flake update \ + --commit-lock-file \ + --commit-lockfile-summary "nix: update dev flake.lock" + popd + + nix flake update \ + --commit-lock-file \ + --commit-lockfile-summary "nix: update flake.lock" + + - name: Make PR if needed + env: + GH_TOKEN: ${{ github.token }} + run: | + if ! git diff --color=always --exit-code origin/main; then + git fetch origin "$PR_BRANCH" || true + git push --force-with-lease -u origin "$PR_BRANCH" + + open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)" + if [ "$open_prs" -eq 0 ]; then + gh pr create \ + --base main \ + --head "$PR_BRANCH" \ + --title "chore: update lockfiles" \ + --fill + fi + fi - name: Enable auto-merge shell: bash - run: gh pr merge --auto --rebase "$PR_ID" + run: gh pr merge --auto --squash env: - GH_TOKEN: ${{ github.token }} - PR_ID: ${{ steps.update.outputs.pull-request-number }} + GH_TOKEN: ${{ secrets.MERGE_TOKEN }} |