From 1413801e6d769546995d82d3db57151f584dba58 Mon Sep 17 00:00:00 2001 From: Aly Raffauf Date: Sun, 14 Jul 2024 10:28:53 -0400 Subject: [PATCH] github: update flake.lock weekly with pull request github: use DeterminateSystems nix installer github: run cicid on prs github/flake-update-inputs: use PAT to trigger subsequent workflows github: simplify workflow runs github: setup git after checkout github/flake-update-inputs: don't self assign reviews github/git-sync-mirrors: only run on master github: don't sync to codeberg github: only run nix checks on .nix updates github: only run nix checks on .nix and .lock updates github: ignore .github and _img paths --- .github/workflows/flake-checks.yml | 13 +++++++--- .github/workflows/flake-update-inputs.yml | 29 ++++++++++++----------- .github/workflows/git-sync-mirrors.yml | 19 ++------------- 3 files changed, 27 insertions(+), 34 deletions(-) diff --git a/.github/workflows/flake-checks.yml b/.github/workflows/flake-checks.yml index 82eb04cb..4ea50721 100644 --- a/.github/workflows/flake-checks.yml +++ b/.github/workflows/flake-checks.yml @@ -1,5 +1,10 @@ name: "nix" -on: [push] +on: + push: + paths-ignore: + - '.github/**' + - '_img/**' + workflow_dispatch: jobs: check-format: runs-on: ubuntu-latest @@ -7,7 +12,8 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 1 - - uses: cachix/install-nix-action@v27 + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main - name: check if flake complies with default style run: nix fmt -- -c . check-eval: @@ -16,6 +22,7 @@ jobs: - uses: actions/checkout@v4 with: fetch-depth: 1 - - uses: cachix/install-nix-action@v27 + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main - name: check if flake evaluates run: nix flake check diff --git a/.github/workflows/flake-update-inputs.yml b/.github/workflows/flake-update-inputs.yml index fb422940..a615e78d 100644 --- a/.github/workflows/flake-update-inputs.yml +++ b/.github/workflows/flake-update-inputs.yml @@ -1,7 +1,7 @@ -name: "flake: update inputs" +name: "update-flake-inputs" on: schedule: - - cron: "0 6 * * *" + - cron: "0 0 * * 0" workflow_dispatch: jobs: update-inputs: @@ -11,17 +11,18 @@ jobs: with: ref: ${{ github.head_ref }} fetch-depth: 1 - - name: "git: setup" + - name: Setup Git run: | - git config --local user.email "github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" - - uses: cachix/install-nix-action@v27 - - name: "flake: update inputs" - run: nix flake update --commit-lock-file - - name: "flake: check eval" - run: nix flake check - - name: "git: push changes" - uses: ad-m/github-push-action@master + git config --local user.name "github-actions[bot]" + git config --local user.email "github-actions[bot]@users.noreply.github.com" + - name: Install Nix + uses: DeterminateSystems/nix-installer-action@main + - name: Update flake.lock + uses: DeterminateSystems/update-flake-lock@main with: - branch: ${{ github.head_ref }} - + token: ${{ secrets.FLAKE_UPDATE_PAT }} + pr-title: "flake: update inputs" + pr-assignees: alyraffauf + pr-labels: | + dependencies + automated \ No newline at end of file diff --git a/.github/workflows/git-sync-mirrors.yml b/.github/workflows/git-sync-mirrors.yml index 7022489e..d805d8cd 100644 --- a/.github/workflows/git-sync-mirrors.yml +++ b/.github/workflows/git-sync-mirrors.yml @@ -1,25 +1,10 @@ name: "git" on: push: - workflow_run: - workflows: ["flake: update inputs"] - types: - - completed + branches: + - master workflow_dispatch: jobs: - sync-codeberg: - runs-on: ubuntu-latest - steps: - - name: check out repository - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: "sync codeberg mirror" - uses: yesolutions/mirror-action@v0.7.0 - with: - REMOTE: 'https://codeberg.org/alyraffauf/nixcfg.git' - GIT_USERNAME: alyraffauf - GIT_PASSWORD: ${{ secrets.CODEBERG_PASSWORD }} sync-gitlab: runs-on: ubuntu-latest steps: