Update packages weekly #168
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Update packages weekly" | |
| on: | |
| push: | |
| paths: | |
| - '.github/workflows/update.yml' | |
| schedule: | |
| - cron: '19 18 * * 2' | |
| repository_dispatch: | |
| workflow_dispatch: | |
| inputs: | |
| update_lock: | |
| description: Update flake.lock | |
| required: true | |
| default: true | |
| type: boolean | |
| update_source: | |
| description: Update source | |
| required: true | |
| default: true | |
| type: boolean | |
| jobs: | |
| bump_lock: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: write | |
| env: | |
| NIXPKGS_ALLOW_UNFREE: 1 | |
| # ATTIC_SERVER: ${{ secrets.ATTIC_SERVER }} | |
| # ATTIC_CACHE: ${{ secrets.ATTIC_CACHE }} | |
| # ATTIC_ACCESS_TOKEN: ${{ secrets.ATTIC_ACCESS_TOKEN }} | |
| steps: | |
| - name: 0-1. Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: 0-2. Install nix | |
| uses: cachix/install-nix-action@V27 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable | |
| extra_nix_config: | | |
| experimental-features = nix-command flakes | |
| access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} | |
| substituters = https://cache.nixos.org/ https://cache.garnix.io | |
| trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g= | |
| - name: 1-1. Update flake.lock | |
| if: ${{ inputs.update_lock == true || github.event_name != 'workflow_dispatch' }} | |
| run: nix flake update --impure | |
| # - name: 2-1. Setup Attic | |
| # if: ${{ inputs.update_source == true || github.event_name != 'workflow_dispatch' }} | |
| # run: | | |
| # # curl -LO https://raw.githubusercontent.com/zhaofengli/attic/main/.github/install-attic-ci.sh | |
| # curl -LO https://raw.githubusercontent.com/icewind1991/attic-action/master/dist/main/install-attic-ci.sh | |
| # bash install-attic-ci.sh | |
| # | |
| # # https://github.com/zhaofengli/attic/blob/main/.github/workflows/build.yml#L30 | |
| # export PATH=$HOME/.nix-profile/bin:$PATH | |
| # attic login --set-default ci "$ATTIC_SERVER" "$ATTIC_ACCESS_TOKEN" | |
| # attic use "$ATTIC_CACHE" | |
| - name: 2-2. Update package sources | |
| if: ${{ inputs.update_source == true || github.event_name != 'workflow_dispatch' }} | |
| run: nix run .#update --impure | |
| - name: 3-1. Show flake metadata | |
| if: ${{ always() }} | |
| run: nix flake metadata --impure | |
| - name: 3-2. Bump flake.lock ONLY | |
| if: ${{ inputs.update_lock == true && inputs.update_source == false }} | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| with: | |
| commit_message: "Update: sources" | |
| file_pattern: "pkgs/_sources" | |
| - name: 3-3. Bump package sources ONLY | |
| if: ${{ inputs.update_source == true && inputs.update_lock == false }} | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| with: | |
| commit_message: "Update: flake.lock" | |
| file_pattern: "flake.lock" | |
| - name: 3-4. Bump flake.lock & package sources | |
| if: ${{ inputs.update_source == true && inputs.update_lock == true || github.event_name != 'workflow_dispatch' }} | |
| uses: stefanzweifel/git-auto-commit-action@v5 | |
| with: | |
| commit_message: "Update: flake.lock&sources" | |
| file_pattern: "flake.lock pkgs/_sources" | |
| build_bundles: | |
| needs: bump_lock | |
| secrets: inherit | |
| permissions: | |
| contents: write | |
| strategy: | |
| matrix: | |
| bundles: | |
| - ciPackages | |
| - unfreePackages | |
| # - JetBrainsPackages | |
| - uncategorized | |
| - trivialPackages | |
| uses: ./.github/workflows/build.yml | |
| with: | |
| packages: ${{ matrix.bundles }} |