From 90c83b4694150bdcfe4fcac1c55fcfdef17c3612 Mon Sep 17 00:00:00 2001 From: seth Date: Fri, 26 Jan 2024 05:43:47 -0500 Subject: initial commit --- .github/dependabot.yml | 8 +++++ .github/workflows/ci.yaml | 26 ++++++++++++++ .github/workflows/flakehub-publish.yaml | 27 +++++++++++++++ .github/workflows/update-lock.yaml | 60 +++++++++++++++++++++++++++++++++ 4 files changed, 121 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/ci.yaml create mode 100644 .github/workflows/flakehub-publish.yaml create mode 100644 .github/workflows/update-lock.yaml (limited to '.github') diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..1d662ce --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,8 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" + commit-message: + prefix: "actions" diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml new file mode 100644 index 0000000..6d530a9 --- /dev/null +++ b/.github/workflows/ci.yaml @@ -0,0 +1,26 @@ +name: CI + +on: + push: + branches: [main] + pull_request: + workflow_dispatch: + +jobs: + test-module: + name: Test module + runs-on: ubuntu-latest + container: nixos/nix:sha256:b8ea88f763f33dfda2317b55eeda3b1a4006692ee29e60ee54ccf6d07348c598 # 2.19.3 + + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Run test script + run: | + set -eux + + nix develop ./test --command 'run-ci' diff --git a/.github/workflows/flakehub-publish.yaml b/.github/workflows/flakehub-publish.yaml new file mode 100644 index 0000000..f707375 --- /dev/null +++ b/.github/workflows/flakehub-publish.yaml @@ -0,0 +1,27 @@ +name: Publish on Flakehub + +on: + push: + branches: [main] + tags: + - "v*.*.*" + +jobs: + publish: + name: Publish + runs-on: ubuntu-latest + container: nixos/nix:sha256:b8ea88f763f33dfda2317b55eeda3b1a4006692ee29e60ee54ccf6d07348c598 # 2.19.3 + + permissions: + contents: read + id-token: write + + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Push to Flakehub + uses: DeterminateSystems/flakehub-push@b441737e7d01e044d7b60a3240fb81cbf827bee0 # v3 + with: + visibility: "public" + rolling: ${{ !startsWith(github.ref, 'refs/tags/v' )}} diff --git a/.github/workflows/update-lock.yaml b/.github/workflows/update-lock.yaml new file mode 100644 index 0000000..9a3628f --- /dev/null +++ b/.github/workflows/update-lock.yaml @@ -0,0 +1,60 @@ +name: Update flake.lock + +on: + schedule: + # run every saturday + - cron: "0 0 * * 6" + workflow_dispatch: + +jobs: + update: + name: Update + runs-on: ubuntu-latest + container: nixos/nix:sha256:b8ea88f763f33dfda2317b55eeda3b1a4006692ee29e60ee54ccf6d07348c598 # 2.19.3 + + permissions: + contents: write + pull-requests: write + + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Create new branch + id: branch + run: | + branch="update-flake-lock" + + echo "branch=$branch" >> "$GITHUB_OUTPUT" + git switch -c "$branch" + + - name: Update flake inputs + run: | + nix flake update \ + --commit-lock-file \ + --commit-lockfile-summary "chore: update flake inputs" + + - name: Update test flake inputs + run: | + pushd ./dev + + nix flake update \ + --commit-lock-file \ + --commit-lockfile-summary "chore: update test flake inputs" + + popd + + - name: Make PR if needed + env: + GH_TOKEN: ${{ github.token }} + BRANCH: ${{ steps.branch.outputs.branch }} + run: | + if ! git diff --color=always --exit-code origin/main; then + git push -u origin "$BRANCH" + + gh pr create \ + --base main \ + --head "$BRANCH" \ + --title "chore: update flake inputs" \ + --fill + fi -- cgit v1.2.3