remote detsys flake-lock-update
This commit is contained in:
parent
fcf6495865
commit
a1b0dc1b63
6 changed files with 0 additions and 95411 deletions
|
@ -1,222 +0,0 @@
|
||||||
name: "Update Nix Flake Lock"
|
|
||||||
description: "Update your Nix flake.lock and send a PR"
|
|
||||||
inputs:
|
|
||||||
inputs:
|
|
||||||
description: "A space-separated list of inputs to update. Leave empty to update all inputs."
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
token:
|
|
||||||
description: "GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)"
|
|
||||||
required: false
|
|
||||||
default: ${{ github.token }}
|
|
||||||
commit-msg:
|
|
||||||
description: "The message provided with the commit"
|
|
||||||
required: false
|
|
||||||
default: "flake.lock: Update"
|
|
||||||
base:
|
|
||||||
description: "Sets the pull request base branch. Defaults to the branch checked out in the workflow."
|
|
||||||
required: false
|
|
||||||
branch:
|
|
||||||
description: "The branch of the PR to be created"
|
|
||||||
required: false
|
|
||||||
default: "update_flake_lock_action"
|
|
||||||
path-to-flake-dir:
|
|
||||||
description: "The path of the directory containing `flake.nix` file within your repository. Useful when `flake.nix` cannot reside at the root of your repository."
|
|
||||||
required: false
|
|
||||||
pr-title:
|
|
||||||
description: "The title of the PR to be created"
|
|
||||||
required: false
|
|
||||||
default: "flake.lock: Update"
|
|
||||||
pr-body:
|
|
||||||
description: "The body of the PR to be created"
|
|
||||||
required: false
|
|
||||||
default: |
|
|
||||||
Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
|
|
||||||
|
|
||||||
```
|
|
||||||
{{ env.GIT_COMMIT_MESSAGE }}
|
|
||||||
```
|
|
||||||
|
|
||||||
### Running GitHub Actions on this PR
|
|
||||||
|
|
||||||
GitHub Actions will not run workflows on pull requests which are opened by a GitHub Action.
|
|
||||||
|
|
||||||
To run GitHub Actions workflows on this PR, run:
|
|
||||||
|
|
||||||
```sh
|
|
||||||
git branch -D update_flake_lock_action
|
|
||||||
git fetch origin
|
|
||||||
git checkout update_flake_lock_action
|
|
||||||
git commit --amend --no-edit
|
|
||||||
git push origin update_flake_lock_action --force
|
|
||||||
```
|
|
||||||
|
|
||||||
pr-labels:
|
|
||||||
description: "A comma or newline separated list of labels to set on the Pull Request to be created"
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
pr-assignees:
|
|
||||||
description: "A comma or newline separated list of assignees (GitHub usernames)."
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
pr-reviewers:
|
|
||||||
description: "A comma or newline separated list of reviewers (GitHub usernames) to request a review from."
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
git-author-name:
|
|
||||||
description: "Author name used for commit. Only used if sign-commits is false."
|
|
||||||
required: false
|
|
||||||
default: "github-actions[bot]"
|
|
||||||
git-author-email:
|
|
||||||
description: "Author email used for commit. Only used if sign-commits is false."
|
|
||||||
required: false
|
|
||||||
default: "github-actions[bot]@users.noreply.github.com"
|
|
||||||
git-committer-name:
|
|
||||||
description: "Committer name used for commit. Only used if sign-commits is false."
|
|
||||||
required: false
|
|
||||||
default: "github-actions[bot]"
|
|
||||||
git-committer-email:
|
|
||||||
description: "Committer email used for commit. Only used if sign-commits is false."
|
|
||||||
required: false
|
|
||||||
default: "github-actions[bot]@users.noreply.github.com"
|
|
||||||
sign-commits:
|
|
||||||
description: "Set to true if the action should sign the commit with GPG"
|
|
||||||
required: false
|
|
||||||
default: "false"
|
|
||||||
gpg-private-key:
|
|
||||||
description: "GPG Private Key with which to sign the commits in the PR to be created"
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
gpg-fingerprint:
|
|
||||||
description: "Fingerprint of specific GPG subkey to use"
|
|
||||||
required: false
|
|
||||||
gpg-passphrase:
|
|
||||||
description: "GPG Private Key Passphrase for the GPG Private Key with which to sign the commits in the PR to be created"
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
nix-options:
|
|
||||||
description: "A space-separated list of options to pass to the nix command"
|
|
||||||
required: false
|
|
||||||
default: ""
|
|
||||||
_internal-strict-mode:
|
|
||||||
description: Whether to fail when any errors are thrown. Used only to test the Action; do not set this in your own workflows.
|
|
||||||
required: false
|
|
||||||
default: false
|
|
||||||
outputs:
|
|
||||||
pull-request-number:
|
|
||||||
description: "The number of the opened pull request"
|
|
||||||
value: ${{ steps.create-pr.outputs.pull-request-number }}
|
|
||||||
pull-request-operation:
|
|
||||||
description: "The pull request operation performed by the action, `created`, `updated` or `closed`."
|
|
||||||
value: ${{ steps.create-pr.outputs.pull-request-operation }}
|
|
||||||
runs:
|
|
||||||
using: "composite"
|
|
||||||
steps:
|
|
||||||
- name: Import bot's GPG key for signing commits
|
|
||||||
if: ${{ inputs.sign-commits == 'true' }}
|
|
||||||
id: import-gpg
|
|
||||||
uses: https://github.com/crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
|
|
||||||
with:
|
|
||||||
gpg_private_key: ${{ inputs.gpg-private-key }}
|
|
||||||
fingerprint: ${{ inputs.gpg-fingerprint }}
|
|
||||||
passphrase: ${{ inputs.gpg-passphrase }}
|
|
||||||
git_config_global: true
|
|
||||||
git_user_signingkey: true
|
|
||||||
git_commit_gpgsign: true
|
|
||||||
- name: Set environment variables (signed commits)
|
|
||||||
if: ${{ inputs.sign-commits == 'true' }}
|
|
||||||
shell: bash
|
|
||||||
env:
|
|
||||||
GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }}
|
|
||||||
GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
|
||||||
GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }}
|
|
||||||
GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
|
||||||
TARGETS: ${{ inputs.inputs }}
|
|
||||||
run: |
|
|
||||||
echo "GIT_AUTHOR_NAME=$GIT_AUTHOR_NAME" >> $GITHUB_ENV
|
|
||||||
echo "GIT_AUTHOR_EMAIL=<$GIT_AUTHOR_EMAIL>" >> $GITHUB_ENV
|
|
||||||
echo "GIT_COMMITTER_NAME=$GIT_COMMITTER_NAME" >> $GITHUB_ENV
|
|
||||||
echo "GIT_COMMITTER_EMAIL=<$GIT_COMMITTER_EMAIL>" >> $GITHUB_ENV
|
|
||||||
- name: Set environment variables (unsigned commits)
|
|
||||||
if: ${{ inputs.sign-commits != 'true' }}
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
echo "GIT_AUTHOR_NAME=${{ inputs.git-author-name }}" >> $GITHUB_ENV
|
|
||||||
echo "GIT_AUTHOR_EMAIL=<${{ inputs.git-author-email }}>" >> $GITHUB_ENV
|
|
||||||
echo "GIT_COMMITTER_NAME=${{ inputs.git-committer-name }}" >> $GITHUB_ENV
|
|
||||||
echo "GIT_COMMITTER_EMAIL=<${{ inputs.git-committer-email }}>" >> $GITHUB_ENV
|
|
||||||
- name: Run update-flake-lock
|
|
||||||
shell: bash
|
|
||||||
run: node "$GITHUB_ACTION_PATH/dist/index.js"
|
|
||||||
env:
|
|
||||||
# The following manually exposes all of the action inputs into INPUT_ environment variables so actionsCore.getInput works:
|
|
||||||
# https://github.com/actions/toolkit/blob/ae38557bb0dba824cdda26ce787bd6b66cf07a83/packages/core/src/core.ts#L126
|
|
||||||
INPUT_BASE: ${{ inputs.base }}
|
|
||||||
INPUT_BRANCH: ${{ inputs.branch }}
|
|
||||||
INPUT_COMMIT-MSG: ${{ inputs.commit-msg }}
|
|
||||||
INPUT_GIT-AUTHOR-EMAIL: ${{ inputs.git-author-email }}
|
|
||||||
INPUT_GIT-AUTHOR-NAME: ${{ inputs.git-author-name }}
|
|
||||||
INPUT_GIT-COMMITTER-EMAIL: ${{ inputs.git-committer-email }}
|
|
||||||
INPUT_GIT-COMMITTER-NAME: ${{ inputs.git-committer-name }}
|
|
||||||
INPUT_GPG-FINGERPRINT: ${{ inputs.gpg-fingerprint }}
|
|
||||||
INPUT_GPG-PASSPHRASE: ${{ inputs.gpg-passphrase }}
|
|
||||||
INPUT_GPG-PRIVATE-KEY: ${{ inputs.gpg-private-key }}
|
|
||||||
INPUT_INPUTS: ${{ inputs.inputs }}
|
|
||||||
INPUT_NIX-OPTIONS: ${{ inputs.nix-options }}
|
|
||||||
INPUT_PATH-TO-FLAKE-DIR: ${{ inputs.path-to-flake-dir }}
|
|
||||||
INPUT_PR-ASSIGNEES: ${{ inputs.pr-assignees }}
|
|
||||||
INPUT_PR-BODY: ${{ inputs.pr-body }}
|
|
||||||
INPUT_PR-LABELS: ${{ inputs.pr-labels }}
|
|
||||||
INPUT_PR-REVIEWERS: ${{ inputs.pr-reviewers }}
|
|
||||||
INPUT_PR-TITLE: ${{ inputs.pr-title }}
|
|
||||||
INPUT_PULL-REQUEST-NUMBER: ${{ inputs.pull-request-number }}
|
|
||||||
INPUT_PULL-REQUEST-OPERATION: ${{ inputs.pull-request-operation }}
|
|
||||||
INPUT_SIGN-COMMITS: ${{ inputs.sign-commits }}
|
|
||||||
INPUT_TOKEN: ${{ inputs.token }}
|
|
||||||
INPUT__INTERNAL-STRICT-MODE: ${{ inputs._internal-strict-mode }}
|
|
||||||
- name: Save PR Body as file
|
|
||||||
uses: https://github.com/DamianReeves/write-file-action@v1.3
|
|
||||||
with:
|
|
||||||
path: pr_body.template
|
|
||||||
contents: ${{ inputs.pr-body }}
|
|
||||||
env: {}
|
|
||||||
- name: Set additional env variables (GIT_COMMIT_MESSAGE)
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
DELIMITER=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
|
|
||||||
COMMIT_MESSAGE="$(git log --format=%b -n 1)"
|
|
||||||
echo "GIT_COMMIT_MESSAGE<<$DELIMITER" >> $GITHUB_ENV
|
|
||||||
echo "$COMMIT_MESSAGE" >> $GITHUB_ENV
|
|
||||||
echo "$DELIMITER" >> $GITHUB_ENV
|
|
||||||
echo "GIT_COMMIT_MESSAGE is: ${COMMIT_MESSAGE}"
|
|
||||||
- name: Interpolate PR Body
|
|
||||||
uses: pedrolamas/handlebars-action@2995d7eadacbc8f2f6ab8431a01d84a5fa3b8bb4 # v2.4.0
|
|
||||||
with:
|
|
||||||
files: "pr_body.template"
|
|
||||||
output-filename: "pr_body.txt"
|
|
||||||
- name: Read pr_body.txt
|
|
||||||
id: pr_body
|
|
||||||
uses: juliangruber/read-file-action@v1
|
|
||||||
with:
|
|
||||||
path: "pr_body.txt"
|
|
||||||
# We need to remove the pr_body files so that the
|
|
||||||
# peter-evans/create-pull-request action does not commit it (the
|
|
||||||
# action commits all new and modified files).
|
|
||||||
- name: Remove PR body template files
|
|
||||||
shell: bash
|
|
||||||
run: rm -f pr_body.txt pr_body.template
|
|
||||||
- name: Create PR
|
|
||||||
id: create-pr
|
|
||||||
uses: https://github.com/peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5
|
|
||||||
with:
|
|
||||||
base: ${{ inputs.base }}
|
|
||||||
branch: ${{ inputs.branch }}
|
|
||||||
delete-branch: true
|
|
||||||
committer: ${{ env.GIT_COMMITTER_NAME }} ${{ env.GIT_COMMITTER_EMAIL }}
|
|
||||||
author: ${{ env.GIT_AUTHOR_NAME }} ${{ env.GIT_AUTHOR_EMAIL }}
|
|
||||||
title: ${{ inputs.pr-title }}
|
|
||||||
token: ${{ inputs.token }}
|
|
||||||
assignees: ${{ inputs.pr-assignees }}
|
|
||||||
labels: ${{ inputs.pr-labels }}
|
|
||||||
reviewers: ${{ inputs.pr-reviewers }}
|
|
||||||
body: ${{ steps.pr_body.outputs.content }}
|
|
|
@ -1,2 +0,0 @@
|
||||||
|
|
||||||
export { }
|
|
95155
.forgejo/actions/update-flake-lock/dist/index.js
vendored
95155
.forgejo/actions/update-flake-lock/dist/index.js
vendored
File diff suppressed because one or more lines are too long
File diff suppressed because one or more lines are too long
|
@ -1,3 +0,0 @@
|
||||||
{
|
|
||||||
"type": "module"
|
|
||||||
}
|
|
|
@ -1,28 +0,0 @@
|
||||||
name: update-flake-lock
|
|
||||||
on:
|
|
||||||
# workflow_dispatch: # allows manual triggering
|
|
||||||
schedule:
|
|
||||||
- cron: '0 0 * * *' # daily at midnight
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- main
|
|
||||||
paths:
|
|
||||||
- ".forgejo/workflows/update_lock.yaml"
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
lockfile:
|
|
||||||
runs-on: docker
|
|
||||||
steps:
|
|
||||||
- name: Checkout repository
|
|
||||||
uses: https://github.com/actions/checkout@v4
|
|
||||||
- name: Install Nix
|
|
||||||
uses: https://github.com/DeterminateSystems/nix-installer-action@main
|
|
||||||
- name: Update flake.lock
|
|
||||||
uses: ./.forgejo/actions/update-flake-lock
|
|
||||||
with:
|
|
||||||
pr-title: "Update flake.lock" # Title of PR to be created
|
|
||||||
pr-labels: | # Labels to be set on the PR
|
|
||||||
dependencies
|
|
||||||
automated
|
|
||||||
inputs: nixpkgs nixpkgs-unstable
|
|
||||||
|
|
Loading…
Reference in a new issue