Merge branch 'main' into bjs/fish-plugins

Author: BJSummerfield

.github/workflows/update-flake-dependencies.yml

@@ -1,31 +1,31 @@
 # CI job to periodically (once a week) update flake.lock
 name: Update flake dependencies
-
 on:
   schedule:
     - cron: '0 16 * * 5'
   workflow_dispatch: # for allowing manual triggers of the workflow
-
 jobs:
   update-dependencies:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: DeterminateSystems/nix-installer-action@main
-    - uses: DeterminateSystems/magic-nix-cache-action@main
-    - name: Update flake.lock and create signed commit with flake.lock changes
-      env:
-        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        FILE_TO_COMMIT: flake.lock
-        COMMIT_BRANCH: automation/update-flake-dependencies
-        COMMIT_MESSAGE: "chore(nix): Update Flake dependencies"
-      run: |
+      - uses: actions/checkout@v4
+      - uses: DeterminateSystems/nix-installer-action@main
+      - uses: DeterminateSystems/magic-nix-cache-action@main
+      - name: Update flake.lock and create signed commit with flake.lock changes
+        env:
+          GITHUB_TOKEN: ${{ secrets.OP_BOT_TOKEN }}
+          FILE_TO_COMMIT: flake.lock
+          COMMIT_BRANCH: automation/update-flake-dependencies
+          COMMIT_MESSAGE: "chore(nix): Update Flake dependencies"
+        run: |
           # fetch remote state
           git fetch
           # if branch exists on remote already
+          BRANCH_EXISTS=false
           if git checkout "$COMMIT_BRANCH" > /dev/null 2>&1; then
             # pull changes
             git pull
+            BRANCH_EXISTS=true
           else
             # otherwise, create the branch and push it to remote
             git checkout -b "$COMMIT_BRANCH"
@@ -41,10 +41,11 @@ jobs:
               --field content=@<(base64 -i $FILE_TO_COMMIT) \
               --field branch="$COMMIT_BRANCH" \
               --field sha="$(git rev-parse $COMMIT_BRANCH:$FILE_TO_COMMIT)"
-            gh pr create --title "[automation]: Update Flake dependencies" \
-              --body "This is an automated PR to update \`flake.lock\`" \
-              --label "flake.lock automation" \
-              --reviewer mrjones2014 \
-              --reviewer AndyTitu \
-              --base main --head $COMMIT_BRANCH
+            if [ "$BRANCH_EXISTS" = "false" ]; then
+              gh pr create --title "[automation]: Update Flake dependencies" \
+                --body "This is an automated PR to update \`flake.lock\`" \
+                --label "flake.lock automation" \
+                --reviewer mrjones2014 \
+                --base main --head $COMMIT_BRANCH
+            fi
           fi

nix/shell-plugins.nix

@@ -1,23 +1,35 @@
-{ pkgs, lib, config, is-home-manager, ... }:
+{
+  pkgs,
+  lib,
+  config,
+  is-home-manager,
+  ...
+}:
 with lib;
 let
   cfg = config.programs._1password-shell-plugins;
 
-  supported_plugins = splitString "\n" (lib.readFile "${
-    # get the list of supported plugin executable names
+  supported_plugins = splitString "\n" (
+    lib.readFile "${
+      # get the list of supported plugin executable names
       pkgs.runCommand "op-plugin-list" { }
-      # 1Password CLI tries to create the config directory automatically, so set a temp XDG_CONFIG_HOME
-      # since we don't actually need it for this
-      "mkdir $out && XDG_CONFIG_HOME=$out ${pkgs._1password}/bin/op plugin list | cut -d ' ' -f1 | tail -n +2 > $out/plugins.txt"
-    }/plugins.txt");
-  getExeName = package:
+        # 1Password CLI tries to create the config directory automatically, so set a temp XDG_CONFIG_HOME
+        # since we don't actually need it for this
+        "mkdir $out && XDG_CONFIG_HOME=$out ${
+          if cfg.package != null then cfg.package else pkgs._1password-cli
+        }/bin/op plugin list | cut -d ' ' -f1 | tail -n +2 > $out/plugins.txt"
+    }/plugins.txt"
+  );
+  getExeName =
+    package:
     # NOTE: SAFETY: This is okay because the `packages` list is also referred
     # to below as `home.packages = packages;` or `environment.systemPackages = packages;`
     # depending on if it's using `home-manager` or not; this means that Nix can still
     # compute the dependency tree, even though we're discarding string context here,
     # since the packages are still referred to below without discarding string context.
     strings.unsafeDiscardStringContext (baseNameOf (getExe package));
-in {
+in
+{
   options = {
     programs._1password-shell-plugins = {
       enable = mkEnableOption "1Password Shell Plugins";
@@ -32,24 +44,23 @@ in {
             cachix
           ]
         '';
-        description =
-          "CLI Packages to enable 1Password Shell Plugins for; ensure that a Shell Plugin exists by checking the docs: https://developer.1password.com/docs/cli/shell-plugins/";
+        description = "CLI Packages to enable 1Password Shell Plugins for; ensure that a Shell Plugin exists by checking the docs: https://developer.1password.com/docs/cli/shell-plugins/";
         # this is a bit of a hack to do option validation;
         # ensure that the list of packages include only packages
         # for which the executable has a supported 1Password Shell Plugin
-        apply = package_list:
-          map (package:
+        apply =
+          package_list:
+          map (
+            package:
             if (elem (getExeName package) supported_plugins) then
               package
             else
-              abort "${
-                getExeName package
-              } is not a valid 1Password Shell Plugin. A list of supported plugins can be found by running `op plugin list` or at: https://developer.1password.com/docs/cli/shell-plugins/")
-          package_list;
+              abort "${getExeName package} is not a valid 1Password Shell Plugin. A list of supported plugins can be found by running `op plugin list` or at: https://developer.1password.com/docs/cli/shell-plugins/"
+          ) package_list;
       };
     };
   };
-
+  
   config = let
     # executable names as strings, e.g. `pkgs.gh` => `"gh"`, `pkgs.awscli2` => `"aws"`
     pkg-exe-names = map getExeName cfg.plugins;