infrastructure/workflows/npins-update.nix

# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
#
# SPDX-License-Identifier: EUPL-1.2

{ lib, nix-actions, ... }:

let
  inherit (nix-actions.lib) secret;

  inherit (lib) genAttrs mapAttrs' nameValuePair;

  dependencies = builtins.attrNames (import ../npins);
in

{
  name = "Update dependencies";
  on.schedule = [
    # Run every saturday
    { cron = "5 16 * * 6"; }
  ];

  # Global environment, necessary for rebases and commits
  env = rec {
    GIT_AUTHOR_NAME = "HT Chores";
    GIT_AUTHOR_EMAIL = "chores@mail.hubrecht.ovh";
    GIT_COMMITTER_NAME = GIT_AUTHOR_NAME;
    GIT_COMMITTER_EMAIL = GIT_AUTHOR_EMAIL;
  };

  jobs = mapAttrs' (name: nameValuePair (builtins.replaceStrings [ "." ] [ "_" ] name)) (
    genAttrs dependencies (name: {
      runs-on = "nix";
      steps = [
        (nix-actions.steps.checkout {
          fetch-depth = 0;
          token = secret "TEA_DGNUM_CHORES_TOKEN";
        })

        {
          env.GIT_UPDATE_BRANCH = "npins-updates/${name}";

          name = "Switch to a new branch";
          run = # bash
            ''
              if git ls-remote --exit-code --heads origin "refs/heads/$GIT_UPDATE_BRANCH"; then
                git switch "$GIT_UPDATE_BRANCH"
                git rebase main
                echo "EXISTING_BRANCH=1" >> $GITHUB_ENV
              else
                git switch -C "$GIT_UPDATE_BRANCH"
              fi
            '';
        }

        {
          env = {
            GIT_UPDATE_BRANCH = "npins-updates/${name}";
            COMMIT_MESSAGE = "chore(npins): Update ${name}";
          };

          name = "Open a PR if updates are present";
          run = # bash
            ''
              npins update ${name}

              if [ ! -z "$(git diff --name-only)" ]; then
                echo "[+] Changes detected, pushing updates."

                git add npins

                if [ -n "$EXISTING_BRANCH" ]; then
                  git commit --amend --no-edit
                  git push --force
                else
                  git commit --message "$COMMIT_MESSAGE"
                  git push -u origin "$GIT_UPDATE_BRANCH"
                fi

                # Connect to the server with the cli
                tea login add -n dgnum-chores -t "${secret "TEA_DGNUM_CHORES_TOKEN"}" -u https://git.dgnum.eu

                # Create a pull request if needed
                # i.e. no PR with the same title exists
                if [ -z $(tea pr ls -f='title,author' -o simple | grep "$COMMIT_MESSAGE dgnum-chores") ]; then
                  tea pr create --description "Automatic npins update" --title "$COMMIT_MESSAGE" --head "$GIT_UPDATE_BRANCH"
                fi
              fi
            '';
        }
      ];
    })
  );
}
chore: Add license and copyright information Signed-off-by: Tom Hubrecht <tom.hubrecht@dgnum.eu> Acked-by: Ryan Lahfa <ryan.lahfa@dgnum.eu> Acked-by: Maurice Debray <maurice.debray@dgnum.eu> Acked-by: Lubin Bailly <lubin.bailly@dgnum.eu> Acked-by: Jean-Marc Gailis <jean-marc.gailis@dgnum.eu> as the legal authority, at the time of writing, in DGNum. Acked-by: Elias Coppens <elias.coppens@dgnum.eu> as a member, at the time of writing, of the DGNum executive counsel. 2024-12-12 14:41:43 +01:00			`# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>`
			`#`
			`# SPDX-License-Identifier: EUPL-1.2`

feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`{ lib, nix-actions, ... }:`

			`let`
			`inherit (nix-actions.lib) secret;`

			`inherit (lib) genAttrs mapAttrs' nameValuePair;`

			`dependencies = builtins.attrNames (import ../npins);`
			`in`
chore(nix-actions): Update and take advantage of the new stuff 2024-12-26 21:25:49 +01:00
feat(workflows): Switch to a nix-based definition of workflows 2024-11-11 17:52:23 +01:00			`{`
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`name = "Update dependencies";`
feat(workflows): Switch to a nix-based definition of workflows 2024-11-11 17:52:23 +01:00			`on.schedule = [`
fix(workflows/npins-update): Set the env correctly 2025-01-04 17:00:50 +01:00			`# Run every saturday`
			`{ cron = "5 16 * * 6"; }`
feat(workflows): Switch to a nix-based definition of workflows 2024-11-11 17:52:23 +01:00			`];`

feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`# Global environment, necessary for rebases and commits`
			`env = rec {`
			`GIT_AUTHOR_NAME = "HT Chores";`
			`GIT_AUTHOR_EMAIL = "chores@mail.hubrecht.ovh";`
			`GIT_COMMITTER_NAME = GIT_AUTHOR_NAME;`
			`GIT_COMMITTER_EMAIL = GIT_AUTHOR_EMAIL;`
			`};`
feat(workflows): Switch to a nix-based definition of workflows 2024-11-11 17:52:23 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`jobs = mapAttrs' (name: nameValuePair (builtins.replaceStrings [ "." ] [ "_" ] name)) (`
			`genAttrs dependencies (name: {`
			`runs-on = "nix";`
			`steps = [`
			`(nix-actions.steps.checkout {`
			`fetch-depth = 0;`
			`token = secret "TEA_DGNUM_CHORES_TOKEN";`
			`})`
feat(workflows): Add scheduled npins update 2023-12-11 11:29:39 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`{`
fix(workflows/npins-update): Set the env correctly 2025-01-04 17:00:50 +01:00			`env.GIT_UPDATE_BRANCH = "npins-updates/${name}";`
feat(workflows): Add scheduled npins update 2023-12-11 11:29:39 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`name = "Switch to a new branch";`
			`run = # bash`
			`''`
			`if git ls-remote --exit-code --heads origin "refs/heads/$GIT_UPDATE_BRANCH"; then`
			`git switch "$GIT_UPDATE_BRANCH"`
			`git rebase main`
			`echo "EXISTING_BRANCH=1" >> $GITHUB_ENV`
			`else`
			`git switch -C "$GIT_UPDATE_BRANCH"`
			`fi`
			`'';`
			`}`
fix(workflows): ??? 2023-12-12 14:46:36 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`{`
fix(workflows/npins-update): Set the env correctly 2025-01-04 17:00:50 +01:00			`env = {`
			`GIT_UPDATE_BRANCH = "npins-updates/${name}";`
			`COMMIT_MESSAGE = "chore(npins): Update ${name}";`
			`};`

feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`name = "Open a PR if updates are present";`
			`run = # bash`
			`''`
			`npins update ${name}`
fix(workflows): ??? 2023-12-12 14:46:36 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`if [ ! -z "$(git diff --name-only)" ]; then`
			`echo "[+] Changes detected, pushing updates."`
fix(workflows): ??? 2023-12-12 14:46:36 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`git add npins`
feat(workflows): Add scheduled npins update 2023-12-11 11:29:39 +01:00
fix(workflows/npins-update): Set the env correctly 2025-01-04 17:00:50 +01:00			`if [ -n "$EXISTING_BRANCH" ]; then`
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`git commit --amend --no-edit`
			`git push --force`
			`else`
			`git commit --message "$COMMIT_MESSAGE"`
			`git push -u origin "$GIT_UPDATE_BRANCH"`
			`fi`
chore(nix-actions): Update and take advantage of the new stuff 2024-12-26 21:25:49 +01:00
feat(npins-update): Make it run weekly, but per pin 2025-01-04 13:01:49 +01:00			`# Connect to the server with the cli`
			`tea login add -n dgnum-chores -t "${secret "TEA_DGNUM_CHORES_TOKEN"}" -u https://git.dgnum.eu`

			`# Create a pull request if needed`
			`# i.e. no PR with the same title exists`
			`if [ -z $(tea pr ls -f='title,author' -o simple \| grep "$COMMIT_MESSAGE dgnum-chores") ]; then`
			`tea pr create --description "Automatic npins update" --title "$COMMIT_MESSAGE" --head "$GIT_UPDATE_BRANCH"`
			`fi`
			`fi`
			`'';`
			`}`
			`];`
			`})`
			`);`
feat(workflows): Switch to a nix-based definition of workflows 2024-11-11 17:52:23 +01:00			`}`