CI - Update nixpkgs and sync CI dependencies #73
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI - Update nixpkgs and sync CI dependencies | |
| on: | |
| pull_request: | |
| paths: | |
| - '.github/workflows/update-nixpkgs.yml' | |
| - '**.go' | |
| - 'flake.*' | |
| schedule: | |
| # Every 10:17 JST | |
| # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule | |
| - cron: '17 1 * * *' | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| jobs: | |
| tasks: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| env: | |
| PR_BRANCH: update-nixpkgs-${{ github.run_id }} | |
| steps: | |
| # To push workflow changes and trigger CIs | |
| - name: Generate GitHub Apps token | |
| if: (github.event.sender.login == 'kachick') || (github.event_name != 'pull_request') | |
| id: publish-token | |
| uses: tibdex/github-app-token@v2 | |
| with: | |
| # Required to set workflow permission for the APP | |
| app_id: ${{ secrets.APP_ID }} | |
| private_key: ${{ secrets.PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| if: (github.event.sender.login == 'kachick') || (github.event_name != 'pull_request') | |
| with: | |
| # Needed to get commit counts | |
| # https://stackoverflow.com/a/65056108 | |
| fetch-depth: 0 | |
| # Needed to specify token for checkout phase, only in pushing phase is too late | |
| # https://github.com/orgs/community/discussions/27072#discussioncomment-3254515 | |
| token: ${{ steps.publish-token.outputs.token }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Needed to get commit counts | |
| # https://stackoverflow.com/a/65056108 | |
| fetch-depth: 0 | |
| if: (github.event.sender.login != 'kachick') && (github.event_name == 'pull_request') | |
| - uses: DeterminateSystems/nix-installer-action@v6 | |
| - uses: DeterminateSystems/magic-nix-cache-action@v2 | |
| - name: Prepare Git | |
| run: | | |
| git config --global user.name "github-actions[bot]" | |
| git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" | |
| git switch -c "${PR_BRANCH}" | |
| - run: nix develop --command task update | |
| - name: Count added commits | |
| id: count-commits | |
| run: | | |
| count="$(git rev-list --count origin/main..)" | |
| echo "count=${count}" | tee -a "$GITHUB_OUTPUT" | |
| - run: git push origin "${PR_BRANCH}" | |
| if: (github.event_name != 'pull_request') && (steps.count-commits.outputs.count > 0) | |
| - name: Create PR | |
| if: (github.event_name != 'pull_request') && (steps.count-commits.outputs.count > 0) | |
| env: | |
| GITHUB_TOKEN: ${{ steps.publish-token.outputs.token }} | |
| run: | | |
| gh pr create --base 'main' --title 'Update nixpkgs and related CI dependencies' --body 'This PR is based on https://github.com/kachick/selfup' |