Skip to content

Updater

Updater #1140

Workflow file for this run

name: Updater
on:
schedule:
- cron: "0 2 * * *"
workflow_dispatch: {}
jobs:
generate_matrix:
runs-on: ubuntu-20.04
outputs:
packages: ${{ steps.gen_packages.outputs.packages }}
checks: ${{ steps.gen_checks.outputs.checks }}
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.TEST_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.25.0/install
- name: Generate flake.json
run: |
nix flake show --json > flake.json
- id: gen_packages
run: |
packages=$(jq -c '.packages."x86_64-linux" | keys' < flake.json)
printf "::set-output name=packages::%s" "$packages"
- id: gen_checks
run: |
checks=$(jq -c '.checks."x86_64-linux" | keys' < flake.json)
printf "::set-output name=checks::%s" "$checks"
update_flake:
runs-on: ubuntu-20.04
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.TEST_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.25.0/install
- name: Set up git
run: |
git config user.email [email protected]
git config user.name "Git Bot"
- name: Update the flake
run: nix flake update
- name: Store flake.lock
uses: actions/upload-artifact@v4
with:
name: flake_lock
path: flake.lock
build_flake:
runs-on: ubuntu-20.04
needs: [generate_matrix, update_flake]
strategy:
fail-fast: false
max-parallel: 5
matrix:
package: ${{fromJson(needs.generate_matrix.outputs.packages)}}
steps:
# - name: Prepare store folder
# run: sudo mkdir -p /nix
- name: Free diskspace
uses: easimon/maximize-build-space@master
with:
build-mount-path: /nix
root-reserve-mb: 5120
remove-dotnet: true
remove-android: true
remove-haskell: true
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.TEST_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.25.0/install
- name: Set up cachix
uses: cachix/cachix-action@master # pathsToPush, please update once we have v11!
with:
name: nobbz
signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
pathsToPush: result
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: nix build .#${{ matrix.package }}
build_checks:
runs-on: ubuntu-20.04
needs: [generate_matrix, update_flake]
strategy:
fail-fast: false
max-parallel: 5
matrix:
check: ${{fromJson(needs.generate_matrix.outputs.checks)}}
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.TEST_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.25.0/install
- name: Set up cachix
uses: cachix/cachix-action@master # pathsToPush, please update once we have v11!
with:
name: nobbz
signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
skipPush: true
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: nix build .#checks.x86_64-linux.${{ matrix.check }} --no-link
check_flake:
runs-on: ubuntu-20.04
needs: [update_flake]
continue-on-error: true
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Install nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
auto-optimise-store = true
access-tokens = github.com=${{ secrets.TEST_TOKEN }}
experimental-features = nix-command flakes
substituters = https://cache.nixos.org/ https://nix-community.cachix.org
trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
install_url: https://releases.nixos.org/nix/nix-2.25.0/install
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Build everything
run: |
nix flake check --keep-going
push_update:
runs-on: ubuntu-20.04
permissions: write-all
needs: [update_flake, build_flake, build_checks, check_flake]
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
token: "${{ secrets.TEST_TOKEN }}"
- name: Restore flake.lock
uses: actions/download-artifact@v4
with:
name: flake_lock
- name: Set up git
run: |
git config user.email [email protected]
git config user.name "Git Bot"
- name: Create and merge PR
run: |
git switch -c updates-${{ github.run_id }}
git commit -am "flake.lock: Update"
git push -u origin updates-${{ github.run_id }}
PR=$(gh pr create \
--assignee NobbZ \
--base main \
--body "Automatic flake update on $(date -I)" \
--fill \
--label bot \
--title "Auto update $(date -I)")
gh pr merge $PR --merge --delete-branch
env:
GITHUB_TOKEN: ${{ secrets.TEST_TOKEN }}