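# Scheduled job: refresh flake.lock, push the result to a fixed branch, open a
# pull request against main when none is open, and enable auto-merge on it.
name: Update lockfiles

on:
  schedule:
    # run every saturday
    - cron: "0 0 * * 6"
  # Also allow manual runs.
  workflow_dispatch:

jobs:
  update:
    name: Run update
    runs-on: ubuntu-latest

    # Job-scoped permissions for github.token: write access is what the
    # branch push and the PR creation below need.
    permissions:
      contents: write
      pull-requests: write

    env:
      PR_BRANCH: "update-lockfiles"

    steps:
      # NOTE(review): v4 is a mutable tag. Pinning to a full commit SHA keeps a
      # retagged release from running with this job's write token.
      # The later `git push` relies on the credentials this step leaves in the
      # local git config (the action's default behaviour).
      - name: Checkout repository
        uses: actions/checkout@v4

      # NOTE(review): third-party action referenced by mutable tag; same
      # pinning consideration as above.
      - name: Install Nix
        uses: cachix/install-nix-action@v26

      - name: Set Git user info
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'

      - name: Create new branch
        id: branch
        run: |
          git switch -c "$PR_BRANCH"

      # Moves every flake input to its latest upstream revision and commits the
      # new lock file. The lock diff is what a reviewer (or the required
      # checks) has to vet before it reaches main.
      - name: Update flake inputs
        run: |
          nix flake update \
            --commit-lock-file \
            --commit-lockfile-summary "nix: update flake.lock"

      - name: Make PR if needed
        id: pr
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          if ! git diff --color=always --exit-code origin/main; then
            # The fetch refreshes the remote-tracking ref (and is allowed to
            # fail when the branch does not exist yet). Because it runs right
            # before the push, the lease always matches the remote tip, so any
            # commits added to the PR branch by hand are overwritten.
            git fetch origin "$PR_BRANCH" || true
            git push --force-with-lease -u origin "$PR_BRANCH"

            open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
            if [ "$open_prs" -eq 0 ]; then
              gh pr create \
                --base main \
                --head "$PR_BRANCH" \
                --title "nix: update flake.lock" \
                --fill
            fi

            # Tell the auto-merge step that a PR for this branch exists.
            echo "has_update=true" >> "$GITHUB_OUTPUT"
          fi

      # Only runs when the previous step pushed an update. Without the guard,
      # `gh pr merge` is invoked even when nothing changed and no PR exists for
      # the branch, which would likely fail the run.
      # --auto merges once the base branch's requirements are met, so the
      # required status checks on main are the only gate on the new lock file.
      # NOTE(review): confirm main has required checks configured.
      # MERGE_TOKEN is exposed to this step only. NOTE(review): presumably a
      # PAT or app token - keep its scope limited to this repository.
      - name: Enable auto-merge
        if: steps.pr.outputs.has_update == 'true'
        shell: bash
        run: gh pr merge --auto --squash "$PR_BRANCH"
        env:
          GH_TOKEN: ${{ secrets.MERGE_TOKEN }}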