Tom Hubrecht
4b9721457c
Some checks are pending
Build all the nodes / tower01 (push) Waiting to run
Check workflows / check_workflows (push) Successful in 20s
Build all the nodes / ap01 (push) Successful in 32s
Build all the nodes / netaccess01 (push) Successful in 25s
Build all the nodes / bridge01 (push) Successful in 50s
Build all the nodes / netcore00 (push) Successful in 20s
Build all the nodes / build01 (push) Successful in 54s
Build all the nodes / hypervisor01 (push) Successful in 1m3s
Build all the nodes / geo01 (push) Successful in 1m4s
Build all the nodes / geo02 (push) Successful in 1m4s
Build all the nodes / hypervisor02 (push) Successful in 1m4s
Build all the nodes / cof02 (push) Successful in 1m6s
Build all the nodes / hypervisor03 (push) Successful in 1m4s
Run pre-commit on all files / pre-commit (push) Successful in 26s
Build the shell / build-shell (push) Successful in 28s
Build all the nodes / netcore01 (push) Successful in 40s
Build all the nodes / netcore02 (push) Successful in 39s
Build all the nodes / web02 (push) Successful in 1m2s
Build all the nodes / vault01 (push) Successful in 1m5s
Build all the nodes / web03 (push) Successful in 1m4s
Build all the nodes / web01 (push) Successful in 1m37s
Build all the nodes / rescue01 (push) Successful in 1m52s
Build all the nodes / storage01 (push) Successful in 1m51s
Build all the nodes / compute01 (push) Successful in 3m51s
95 lines
2.8 KiB
Nix
95 lines
2.8 KiB
Nix
# SPDX-FileCopyrightText: 2024 Tom Hubrecht <tom.hubrecht@dgnum.eu>
|
|
#
|
|
# SPDX-License-Identifier: EUPL-1.2
|
|
|
|
{ lib, nix-actions, ... }:
|
|
|
|
let
|
|
inherit (nix-actions.lib) secret;
|
|
|
|
inherit (lib) genAttrs mapAttrs' nameValuePair;
|
|
|
|
dependencies = builtins.attrNames (import ../npins);
|
|
in
|
|
|
|
{
|
|
name = "Update dependencies";
|
|
on.schedule = [
|
|
# Run every 24h
|
|
{ cron = "15 12 * * *"; }
|
|
];
|
|
|
|
# Global environment, necessary for rebases and commits
|
|
env = rec {
|
|
GIT_AUTHOR_NAME = "HT Chores";
|
|
GIT_AUTHOR_EMAIL = "chores@mail.hubrecht.ovh";
|
|
GIT_COMMITTER_NAME = GIT_AUTHOR_NAME;
|
|
GIT_COMMITTER_EMAIL = GIT_AUTHOR_EMAIL;
|
|
};
|
|
|
|
jobs = mapAttrs' (name: nameValuePair (builtins.replaceStrings [ "." ] [ "_" ] name)) (
|
|
genAttrs dependencies (name: {
|
|
runs-on = "nix";
|
|
steps = [
|
|
(nix-actions.lib.steps.checkout {
|
|
fetch-depth = 0;
|
|
token = secret "TEA_DGNUM_CHORES_TOKEN";
|
|
})
|
|
|
|
{
|
|
env.GIT_UPDATE_BRANCH = "npins-updates/${name}";
|
|
|
|
name = "Switch to a new branch";
|
|
run = # bash
|
|
''
|
|
if git ls-remote --exit-code --heads origin "refs/heads/$GIT_UPDATE_BRANCH"; then
|
|
git switch "$GIT_UPDATE_BRANCH"
|
|
git rebase main
|
|
echo "EXISTING_BRANCH=1" >> $GITHUB_ENV
|
|
else
|
|
git switch -C "$GIT_UPDATE_BRANCH"
|
|
fi
|
|
'';
|
|
}
|
|
|
|
{
|
|
env = {
|
|
GIT_UPDATE_BRANCH = "npins-updates/${name}";
|
|
COMMIT_MESSAGE = "chore(npins): Update ${name}";
|
|
};
|
|
|
|
name = "Open a PR if updates are present";
|
|
run = # bash
|
|
''
|
|
nix-shell -A npins-shell --run 'npins update ${name}'
|
|
|
|
if [ ! -z "$(git diff --name-only)" ]; then
|
|
echo "[+] Changes detected, pushing updates."
|
|
|
|
git add npins
|
|
|
|
if [ -n "$EXISTING_BRANCH" ]; then
|
|
git commit --amend --no-edit
|
|
git push --force
|
|
else
|
|
git commit --message "$COMMIT_MESSAGE"
|
|
git push -u origin "$GIT_UPDATE_BRANCH"
|
|
fi
|
|
|
|
# Connect to the server with the cli
|
|
tea login add -n dgnum-chores -t "${secret "TEA_DGNUM_CHORES_TOKEN"}" -u https://git.dgnum.eu
|
|
|
|
# Create a pull request if needed
|
|
# i.e. no PR with the same title exists
|
|
if [ -z $(tea pr ls -f='head' -o simple | grep "$GIT_UPDATE_BRANCH") ]; then
|
|
tea pr create --description "Automatic npins update" --title "$COMMIT_MESSAGE" --head "$GIT_UPDATE_BRANCH"
|
|
fi
|
|
elif [ -n "$EXISTING_BRANCH" ]; then
|
|
git push --force
|
|
fi
|
|
'';
|
|
}
|
|
];
|
|
})
|
|
);
|
|
}
|