113 lines
3.8 KiB
Markdown
113 lines
3.8 KiB
Markdown
# update-flake-lock
|
|
|
|
This is a GitHub Action that will update your flake.lock file whenever it is run.
|
|
|
|
> **NOTE:** As of v3, this action will no longer automatically install Nix to the action runner. You **MUST** set up a Nix with flakes support enabled prior to running this action, or your workflow will not function as expected.
|
|
|
|
## Example
|
|
|
|
An example GitHub Action workflow using this action would look like the following:
|
|
|
|
```yaml
|
|
name: update-flake-lock
|
|
on:
|
|
workflow_dispatch: # allows manual triggering
|
|
schedule:
|
|
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
|
|
|
|
jobs:
|
|
lockfile:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Install Nix
|
|
uses: cachix/install-nix-action@v16
|
|
with:
|
|
extra_nix_config: |
|
|
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
|
- name: Update flake.lock
|
|
uses: DeterminateSystems/update-flake-lock@v3
|
|
```
|
|
|
|
## Example updating specific input(s)
|
|
|
|
> **NOTE**: If any inputs have a stale reference (e.g. the lockfile thinks a git input wants its "ref" to be "nixos-unstable", but the flake.nix specifies "nixos-unstable-small"), they will also be updated. At this time, there is no known workaround.
|
|
|
|
It is also possible to update specific inputs by specifying them in a space-separated list:
|
|
|
|
```yaml
|
|
name: update-flake-lock
|
|
on:
|
|
workflow_dispatch: # allows manual triggering
|
|
schedule:
|
|
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00
|
|
|
|
jobs:
|
|
lockfile:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Install Nix
|
|
uses: cachix/install-nix-action@v16
|
|
with:
|
|
extra_nix_config: |
|
|
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
|
|
- name: Update flake.lock
|
|
uses: DeterminateSystems/update-flake-lock@vX
|
|
with:
|
|
inputs: input1 input2 input3
|
|
```
|
|
|
|
## Example github action tests in created PRs
|
|
|
|
By default, this action uses an api token provided by github ci to create the
|
|
pull request. By default, Github does not run github actions, i.e. tests, for
|
|
these types of pull requests. However, you can bypass this restriction by
|
|
specifying a personal authentication token (PAT). You can create a token by
|
|
visiting [https://github.com/settings/tokens]() and select at least the scope
|
|
`repo`. Then store this token in your repository secrets (i.e.
|
|
'https://github.com/<USER>/<REPO>/settings/secrets/actions') as
|
|
`GH_TOKEN_FOR_UPDATES`.
|
|
|
|
```yaml
|
|
name: update-flake-lock
|
|
on:
|
|
workflow_dispatch: # allows manual triggering
|
|
schedule:
|
|
- cron: '0 0 * * 1,4' # Run twice a week
|
|
|
|
jobs:
|
|
lockfile:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v2
|
|
- name: Install Nix
|
|
uses: cachix/install-nix-action@v16
|
|
- name: Update flake.lock
|
|
uses: DeterminateSystems/update-flake-lock@vX
|
|
with:
|
|
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
|
|
```
|
|
|
|
## Running GitHub Actions CI
|
|
|
|
GitHub Actions will not run workflows when a branch is pushed by or a PR is opened by a GitHub Action. To work around this, try:
|
|
|
|
```
|
|
git branch -D update_flake_lock_action
|
|
git fetch origin
|
|
git checkout update_flake_lock_action
|
|
git commit --amend --no-edit
|
|
git push origin update_flake_lock_action --force
|
|
```
|
|
|
|
## Contributing
|
|
|
|
Feel free to send a PR or open an issue if you find something functions unexpectedly! Please make sure to test your changes and update any related documentation before submitting your PR.
|
|
|
|
### How to test changes
|
|
|
|
In order to more easily test your changes to this action, we have created a template repository that should point you in the right direction: https://github.com/DeterminateSystems/update-flake-lock-test-template. Please see the README in that repository for instructions on testing your changes.
|