Skip to content
update-flake-lock

update-flake-lock #17

Sign in to view logs

update-flake-lock

update-flake-lock #17

Workflow file for this run

.github/workflows/update-flake-lock.yaml at 95e3e29
name: update-flake-lock
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: "0 0 * * 0" # runs weekly on Sunday at 00:00
jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
- uses: cachix/cachix-action@v15
with:
name: kidibox
authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
- name: Update flake.lock
run: nix flake update
- name: Commit changes
run: |
mapfile -t CHANGED < <(git diff --name-only | xargs)
# TODO: use an array for $FILES
for value in "${CHANGED[@]}"; do
FILES="${FILES} -F files[][path]=$value -F files[][contents]=$(base64 -w0 $value)"
done
git checkout -b $BRANCH
git push -u origin $BRANCH --force
gh api graphql \
-F githubRepository=$GITHUB_REPOSITORY \
-F branchName=$BRANCH \
-F expectedHeadOid=$(git rev-parse HEAD) \
-F commitMessage="chore: update flake.lock" \
-F 'query=@.github/api/createCommitOnBranch.gql' \
${FILES}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BRANCH: chore/update-flake-lock
# - name: Commit changes
# env:
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# FILE_TO_COMMIT: flake.lock
# DESTINATION_BRANCH: chore/update-flake-lock
# run: |
# export TODAY=$(date -u '+%Y-%m-%d')
# export MESSAGE="chore: update $FILE_TO_COMMIT for $TODAY"
# export SHA=$(git rev-parse $DESTINATION_BRANCH:$FILE_TO_COMMIT)
# export CONTENT=$(base64 -i $FILE_TO_COMMIT)
# git checkout -b "$DESTINATION_BRANCH"
# git push -u origin "$DESTINATION_BRANCH"
# gh api --method PUT /repos/:owner/:repo/contents/$FILE_TO_COMMIT \
# --field message="$MESSAGE" \
# --field content="$CONTENT" \
# --field encoding="base64" \
# --field branch="$DESTINATION_BRANCH" \
# --field sha="$SHA"
# gh pr create --title "Update $FILE_TO_COMMIT" --body "This PR updates $FILE_TO_COMMIT" --head $DESTINATION_BRANCH --base main
# - name: Update flake.lock
# uses: DeterminateSystems/update-flake-lock@main
# with:
# pr-title: "Update flake.lock"
# pr-labels: |
# dependencies
# automated