feat(nix): add auto-rebuild #830
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Update nvfetcher | |
| on: | |
| workflow_dispatch: {} | |
| schedule: | |
| - cron: 0 1 * * * | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - pkgs/nvfetcher.toml | |
| jobs: | |
| update-nvfetcher: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | |
| with: | |
| ref: main | |
| fetch-depth: 0 | |
| - name: Install Nix | |
| uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d # v16 | |
| # with: # only for caddy, not others | |
| # nix_path: nixpkgs=channel:nixos-unstable | |
| - name: Update flake lock | |
| run: nix flake update | |
| - name: Run nvfetcher | |
| id: run-nvfetcher | |
| run: | | |
| export LANG=en_US.UTF-8 | |
| export LC_ALL=en_US.UTF-8 | |
| cd pkgs | |
| nix-shell -p nvfetcher --command 'nvfetcher -l /tmp/nvfetcher-changes' | |
| { | |
| echo 'changes<<EOF' | |
| cat /tmp/nvfetcher-changes | |
| echo 'EOF' | |
| } >> "$GITHUB_OUTPUT" | |
| - name: Update caddy-custom src files | |
| id: update-caddy-custom | |
| run: | | |
| if grep -q "caddy" "/tmp/nvfetcher-changes"; then | |
| echo "Updating caddy-custom ..." | |
| cd pkgs/caddy-custom/src | |
| rm go* | |
| go mod init caddy | |
| go mod tidy | |
| fi | |
| - name: Update vendorHash | |
| id: update-vendorhash | |
| run: | | |
| setHash () { | |
| jq --arg app "${1}" --arg hash "${2}" '.[$app] = $hash' pkgs/vendorhash.json > tmp.json | |
| mv tmp.json pkgs/vendorhash.json | |
| } | |
| declare -a APP_NAMES | |
| while read line; do | |
| APP_NAMES+=("${line%:*}") | |
| done < /tmp/nvfetcher-changes | |
| for APP_NAME in "${APP_NAMES[@]}"; do | |
| if [[ "${APP_NAME}" == "caddy-core" ]]; then | |
| APP_NAME="caddy-custom" | |
| fi | |
| echo "Check vendorHash for ${APP_NAME}..." | |
| setHash "${APP_NAME}" "" | |
| vendorHash=$(nix build --no-link .#${APP_NAME} 2>&1 >/dev/null | grep "got:" | cut -d':' -f2 | sed 's| ||g') | |
| if [[ -n "${vendorHash}" ]]; then | |
| setHash "${APP_NAME}" "${vendorHash}" | |
| echo "Updated ${APP_NAME} with vendorHash: ${vendorHash}" | |
| fi | |
| done | |
| - name: Generate Token | |
| uses: actions/create-github-app-token@0d564482f06ca65fa9e77e2510873638c82206f2 # v1 | |
| id: app-token | |
| with: | |
| app-id: ${{ secrets.LAB_ASSISTANT_APP_ID }} | |
| private-key: ${{ secrets.LAB_ASSISTANT_APP_KEY }} | |
| - name: Create Pull Request | |
| id: create-pull-request | |
| uses: peter-evans/create-pull-request@dd2324fc52d5d43c699a5636bcf19fceaa70c284 # v7 | |
| with: | |
| token: ${{ steps.app-token.outputs.token }} | |
| title: "chore(deps): Update packages managed by nvfetcher" | |
| commit-message: "chore(deps): Update packages managed by nvfetcher" | |
| body: | | |
| ## Summary | |
| ${{ steps.run-nvfetcher.outputs.changes }} | |
| add-paths: | | |
| pkgs/** | |
| delete-branch: true |