Skip to content

fix: update hix hashes for all systems #8732

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rekram1-node merged 6 commits into from
Jan 15, 2026
Merged

fix: update hix hashes for all systems #8732

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b69643c
fix: update hix hashes for all systems
ricardo-valero Jan 15, 2026
bddacd4
replace nix installer
ricardo-valero Jan 15, 2026
2b5ed1e
add hash placeholders
ricardo-valero Jan 15, 2026
362de10
Update node_modules hash (aarch64-linux)
actions-user Jan 15, 2026
fd34aa3
Update node_modules hash (x86_64-darwin)
actions-user Jan 15, 2026
ebd1476
Merge branch 'dev' into fix/nix-hash-workflow
rekram1-node Jan 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 39 additions & 34 deletions .github/workflows/update-nix-hashes.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,11 @@ on:
- "packages/*/package.json"

jobs:
update-linux:
update-flake:
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
runs-on: blacksmith-4vcpu-ubuntu-2404
runs-on: ubuntu-latest
env:
SYSTEM: x86_64-linux
TITLE: flake.lock

steps:
- name: Checkout repository
Expand All @@ -33,39 +33,32 @@ jobs:
repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }}

- name: Setup Nix
uses: DeterminateSystems/nix-installer-action@v20
uses: nixbuild/nix-quick-install-action@v34

- name: Configure git
run: |
git config --global user.email "action@github.com"
git config --global user.name "Github Action"

- name: Update flake.lock
- name: Update ${{ env.TITLE }}
run: |
set -euo pipefail
echo "📦 Updating flake.lock..."
echo "📦 Updating $TITLE..."
nix flake update
echo "✅ flake.lock updated successfully"
echo "✅ $TITLE updated successfully"

- name: Update node_modules hash for x86_64-linux
run: |
set -euo pipefail
echo "🔄 Updating node_modules hash for x86_64-linux..."
nix/scripts/update-hashes.sh
echo "✅ node_modules hash for x86_64-linux updated successfully"

- name: Commit Linux hash changes
- name: Commit ${{ env.TITLE }} changes
env:
TARGET_BRANCH: ${{ github.head_ref || github.ref_name }}
run: |
set -euo pipefail

echo "🔍 Checking for changes in tracked Nix files..."
echo "🔍 Checking for changes in tracked files..."

summarize() {
local status="$1"
{
echo "### Nix Hash Update (x86_64-linux)"
echo "### Nix $TITLE"
echo ""
echo "- ref: ${GITHUB_REF_NAME}"
echo "- status: ${status}"
Expand All @@ -75,11 +68,10 @@ jobs:
fi
echo "" >> "$GITHUB_STEP_SUMMARY"
}

FILES=(flake.lock flake.nix nix/node-modules.nix nix/hashes.json)
FILES=(flake.lock flake.nix)
STATUS="$(git status --short -- "${FILES[@]}" || true)"
if [ -z "$STATUS" ]; then
echo "✅ No changes detected. Hashes are already up to date."
echo "✅ No changes detected."
summarize "no changes"
exit 0
fi
Expand All @@ -89,7 +81,7 @@ jobs:
echo "🔗 Staging files..."
git add "${FILES[@]}"
echo "💾 Committing changes..."
git commit -m "Update Nix flake.lock and x86_64-linux hash"
git commit -m "Update $TITLE"
echo "✅ Changes committed"

BRANCH="${TARGET_BRANCH:-${GITHUB_REF_NAME}}"
Expand All @@ -101,12 +93,25 @@ jobs:

summarize "committed $(git rev-parse --short HEAD)"

update-macos:
needs: update-linux
update-node-modules-hash:
needs: update-flake
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
runs-on: macos-latest
strategy:
fail-fast: false
matrix:
include:
- system: x86_64-linux
host: ubuntu-latest
- system: aarch64-linux
host: ubuntu-22.04-arm
- system: x86_64-darwin
host: macos-15-intel
- system: aarch64-darwin
host: macos-latest
runs-on: ${{ matrix.host }}
env:
SYSTEM: aarch64-darwin
SYSTEM: ${{ matrix.system }}
TITLE: node_modules hash (${{ matrix.system }})

steps:
- name: Checkout repository
Expand All @@ -118,7 +123,7 @@ jobs:
repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }}

- name: Setup Nix
uses: DeterminateSystems/nix-installer-action@v20
uses: nixbuild/nix-quick-install-action@v34

- name: Configure git
run: |
Expand All @@ -132,25 +137,25 @@ jobs:
BRANCH="${TARGET_BRANCH:-${GITHUB_REF_NAME}}"
git pull origin "$BRANCH"

- name: Update node_modules hash for aarch64-darwin
- name: Update ${{ env.TITLE }}
run: |
set -euo pipefail
echo "🔄 Updating node_modules hash for aarch64-darwin..."
echo "🔄 Updating $TITLE..."
nix/scripts/update-hashes.sh
echo "✅ node_modules hash for aarch64-darwin updated successfully"
echo "✅ $TITLE updated successfully"

- name: Commit macOS hash changes
- name: Commit ${{ env.TITLE }} changes
env:
TARGET_BRANCH: ${{ github.head_ref || github.ref_name }}
run: |
set -euo pipefail

echo "🔍 Checking for changes in tracked Nix files..."
echo "🔍 Checking for changes in tracked files..."

summarize() {
local status="$1"
{
echo "### Nix Hash Update (aarch64-darwin)"
echo "### Nix $TITLE"
echo ""
echo "- ref: ${GITHUB_REF_NAME}"
echo "- status: ${status}"
Expand All @@ -164,7 +169,7 @@ jobs:
FILES=(nix/hashes.json)
STATUS="$(git status --short -- "${FILES[@]}" || true)"
if [ -z "$STATUS" ]; then
echo "✅ No changes detected. Hash is already up to date."
echo "✅ No changes detected."
summarize "no changes"
exit 0
fi
Expand All @@ -174,7 +179,7 @@ jobs:
echo "🔗 Staging files..."
git add "${FILES[@]}"
echo "💾 Committing changes..."
git commit -m "Update aarch64-darwin hash"
git commit -m "Update $TITLE"
echo "✅ Changes committed"

BRANCH="${TARGET_BRANCH:-${GITHUB_REF_NAME}}"
Expand Down
6 changes: 4 additions & 2 deletions nix/hashes.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
{
"nodeModules": {
"x86_64-linux": "sha256-Fl1BdjNSg19LJVSgDMiBX8JuTaGlL2I5T+rqLfjSeO4=",
"aarch64-darwin": "sha256-7UajHu40n7JKqurU/+CGlitErsVFA2qDneUytI8+/zQ="
"x86_64-linux": "sha256-4ndHIlS9t1ynRdFszJ1nvcu3YhunhuOc7jcuHI1FbnM=",

Check failure on line 3 in nix/hashes.json

View workflow job for this annotation

GitHub Actions / build-desktop (blacksmith-4vcpu-ubuntu-2404) 

To correct the hash mismatch for opencode-node_modules-1.1.21, use "sha256-Fl1BdjNSg19LJVSgDMiBX8JuTaGlL2I5T+rqLfjSeO4="
"aarch64-linux": "sha256-H9eUk/yVrQqVrAYONlb6As7mjkPXtOauBVfMBeVAmRo=",
"aarch64-darwin": "sha256-C0E9KAEj3GI83HwirIL2zlXYIe92T+7Iv6F51BB6slY=",

Check failure on line 5 in nix/hashes.json

View workflow job for this annotation

GitHub Actions / build-desktop (macos-latest) 

To correct the hash mismatch for opencode-node_modules-1.1.21, use "sha256-7UajHu40n7JKqurU/+CGlitErsVFA2qDneUytI8+/zQ="
"x86_64-darwin": "sha256-wj5fZnyfu6Sf1HcqvsQM3M7dl5BKRAHmoqm1Ai1cL2M="
}
}
Loading