evergreen #74
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: evergreen | |
on: | |
schedule: | |
- cron: '35 8 * * *' | |
workflow_dispatch: | |
concurrency: evergreen | |
permissions: | |
contents: write | |
pull-requests: write | |
jobs: | |
flake: | |
runs-on: ubuntu-latest | |
outputs: | |
packages: ${{ steps.get_packages.outputs.packages }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
persist-credentials: 'true' | |
- uses: DeterminateSystems/nix-installer-action@main | |
with: | |
extra-conf: | | |
accept-flake-config = true | |
experimental-features = nix-command flakes | |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- name: Update nix flake | |
run: nix flake update >> $GITHUB_STEP_SUMMARY | |
- name: Push changes | |
id: push | |
run: | | |
if [[ `git status flake.lock --porcelain` ]]; then | |
git config user.name github-actions | |
git config user.email github-actions@github.com | |
git add flake.lock | |
git commit -m "bot: nix flake update" | |
git push | |
echo "trigger_build=1" >> $GITHUB_OUTPUT | |
else | |
echo "flake.lock is not changed..." | |
echo "trigger_build=0" >> $GITHUB_OUTPUT | |
fi | |
- name: Trigger build | |
uses: actions/github-script@v7 | |
if: steps.push.outputs.trigger_build == '1' | |
with: | |
script: | | |
github.rest.repos.createDispatchEvent({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
event_type: 'build', | |
}); | |
- name: Find upgradable packages | |
id: get_packages | |
run: | | |
packages=$(nix eval .\#lib.packagesWithUpdateScript --raw --apply "x: builtins.toJSON (builtins.attrNames x)") | |
echo "packages=$packages" >> $GITHUB_OUTPUT | |
package: | |
needs: flake | |
strategy: | |
matrix: | |
package: ${{ fromJson(needs.flake.outputs.packages) }} | |
fail-fast: false | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 1 | |
persist-credentials: 'true' | |
- uses: DeterminateSystems/nix-installer-action@main | |
with: | |
extra-conf: | | |
accept-flake-config = true | |
experimental-features = nix-command flakes | |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} | |
- uses: DeterminateSystems/magic-nix-cache-action@main | |
- name: Run update script for ${{ matrix.package }} | |
id: run_update_script | |
run: | | |
git config user.name "github-actions" | |
git config user.email "github-actions@github.com" | |
# Run update script | |
if nix-shell tasks/update.nix --argstr package "${{ matrix.package }}" --argstr commit true --argstr skip-prompt true; then | |
echo "update.nix executed successfully" | |
commits_count=$(git rev-list --all --count) | |
if [ "$commits_count" -ge 2 ]; then | |
echo "pr_title=$(git show -s --format=%s HEAD)" >> $GITHUB_OUTPUT | |
fi | |
else | |
echo "update.nix execution failed" | |
exit 1 | |
fi | |
- name: Create pull request | |
uses: peter-evans/create-pull-request@v7 | |
if: steps.run_update_script.outputs.pr_title != '' | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
committer: "github-actions <github-actions@github.com>" | |
branch: "bot/${{ matrix.package }}" | |
title: ${{ steps.run_update_script.outputs.pr_title }} | |
delete-branch: true | |
body: "This pull request is created automatically by the evergreen action which runs periodically to bump packages." | |
labels: "bot" | |
reviewers: "codgician" | |
- name: Check build | |
if: steps.run_update_script.outputs.pr_title != '' | |
run: |- | |
nix build .#${{ matrix.package }} |