194 lines
7.4 KiB
YAML
194 lines
7.4 KiB
YAML
name: 'Update flake.lock'
|
||
description: 'Update your flake.lock and send a PR'
|
||
inputs:
|
||
inputs:
|
||
description: 'A space-separated list of inputs to update. Leave empty to update all inputs.'
|
||
required: false
|
||
default: ''
|
||
token:
|
||
description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)'
|
||
required: false
|
||
default: ${{ github.token }}
|
||
commit-msg:
|
||
description: 'The message provided with the commit'
|
||
required: false
|
||
default: "flake.lock: Update"
|
||
base:
|
||
description: "Sets the pull request base branch. Defaults to the branch checked out in the workflow."
|
||
required: false
|
||
branch:
|
||
description: 'The branch of the PR to be created'
|
||
required: false
|
||
default: "update_flake_lock_action"
|
||
path-to-flake-dir:
|
||
description: 'The path of the directory containing `flake.nix` file within your repository. Useful when `flake.nix` cannot reside at the root of your repository.'
|
||
required: false
|
||
default: ''
|
||
pr-title:
|
||
description: 'The title of the PR to be created'
|
||
required: false
|
||
default: "flake.lock: Update"
|
||
pr-body:
|
||
description: 'The body of the PR to be created'
|
||
required: false
|
||
default: |
|
||
Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
|
||
|
||
```
|
||
{{ env.GIT_COMMIT_MESSAGE }}
|
||
```
|
||
|
||
### Running GitHub Actions on this PR
|
||
|
||
GitHub Actions will not run workflows on pull requests which are opened by a GitHub Action.
|
||
|
||
To run GitHub Actions workflows on this PR, run:
|
||
|
||
```sh
|
||
git branch -D update_flake_lock_action
|
||
git fetch origin
|
||
git checkout update_flake_lock_action
|
||
git commit --amend --no-edit
|
||
git push origin update_flake_lock_action --force
|
||
```
|
||
|
||
pr-labels:
|
||
description: 'A comma or newline separated list of labels to set on the Pull Request to be created'
|
||
required: false
|
||
default: ''
|
||
pr-assignees:
|
||
description: 'A comma or newline separated list of assignees (GitHub usernames).'
|
||
required: false
|
||
default: ''
|
||
pr-reviewers:
|
||
description: 'A comma or newline separated list of reviewers (GitHub usernames) to request a review from.'
|
||
required: false
|
||
default: ''
|
||
git-author-name:
|
||
description: 'Author name used for commit. Only used if sign-commits is false.'
|
||
required: false
|
||
default: 'github-actions[bot]'
|
||
git-author-email:
|
||
description: 'Author email used for commit. Only used if sign-commits is false.'
|
||
required: false
|
||
default: 'github-actions[bot]@users.noreply.github.com'
|
||
git-committer-name:
|
||
description: 'Committer name used for commit. Only used if sign-commits is false.'
|
||
required: false
|
||
default: 'github-actions[bot]'
|
||
git-committer-email:
|
||
description: 'Committer email used for commit. Only used if sign-commits is false.'
|
||
required: false
|
||
default: 'github-actions[bot]@users.noreply.github.com'
|
||
sign-commits:
|
||
description: 'Set to true if the action should sign the commit with GPG'
|
||
required: false
|
||
default: 'false'
|
||
gpg-private-key:
|
||
description: 'GPG Private Key with which to sign the commits in the PR to be created'
|
||
required: false
|
||
default: ''
|
||
gpg-fingerprint:
|
||
description: 'Fingerprint of specific GPG subkey to use'
|
||
required: false
|
||
gpg-passphrase:
|
||
description: 'GPG Private Key Passphrase for the GPG Private Key with which to sign the commits in the PR to be created'
|
||
required: false
|
||
default: ''
|
||
outputs:
|
||
pull-request-number:
|
||
description: 'The number of the opened pull request'
|
||
value: ${{ steps.create-pr.outputs.pull-request-number }}
|
||
runs:
|
||
using: "composite"
|
||
steps:
|
||
- name: Import bot's GPG key for signing commits
|
||
if: ${{ inputs.sign-commits == 'true' }}
|
||
id: import-gpg
|
||
uses: crazy-max/ghaction-import-gpg@v5
|
||
with:
|
||
gpg_private_key: ${{ inputs.gpg-private-key }}
|
||
fingerprint: ${{ inputs.gpg-fingerprint }}
|
||
passphrase: ${{ inputs.gpg-passphrase }}
|
||
git_config_global: true
|
||
git_user_signingkey: true
|
||
git_commit_gpgsign: true
|
||
- name: Set environment variables (signed commits)
|
||
if: ${{ inputs.sign-commits == 'true' }}
|
||
shell: bash
|
||
env:
|
||
GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }}
|
||
GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||
GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }}
|
||
GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }}
|
||
TARGETS: ${{ inputs.inputs }}
|
||
run: |
|
||
echo "GIT_AUTHOR_NAME=$GIT_AUTHOR_NAME" >> $GITHUB_ENV
|
||
echo "GIT_AUTHOR_EMAIL=<$GIT_AUTHOR_EMAIL>" >> $GITHUB_ENV
|
||
echo "GIT_COMMITTER_NAME=$GIT_COMMITTER_NAME" >> $GITHUB_ENV
|
||
echo "GIT_COMMITTER_EMAIL=<$GIT_COMMITTER_EMAIL>" >> $GITHUB_ENV
|
||
- name: Set environment variables (unsigned commits)
|
||
if: ${{ inputs.sign-commits != 'true' }}
|
||
shell: bash
|
||
run: |
|
||
echo "GIT_AUTHOR_NAME=${{ inputs.git-author-name }}" >> $GITHUB_ENV
|
||
echo "GIT_AUTHOR_EMAIL=<${{ inputs.git-author-email }}>" >> $GITHUB_ENV
|
||
echo "GIT_COMMITTER_NAME=${{ inputs.git-committer-name }}" >> $GITHUB_ENV
|
||
echo "GIT_COMMITTER_EMAIL=<${{ inputs.git-committer-email }}>" >> $GITHUB_ENV
|
||
- name: Run update-flake-lock.sh
|
||
run: $GITHUB_ACTION_PATH/update-flake-lock.sh
|
||
shell: bash
|
||
env:
|
||
GIT_AUTHOR_NAME: ${{ env.GIT_AUTHOR_NAME }}
|
||
GIT_AUTHOR_EMAIL: ${{ env.GIT_AUTHOR_EMAIL }}
|
||
GIT_COMMITTER_NAME: ${{ env.GIT_COMMITTER_NAME }}
|
||
GIT_COMMITTER_EMAIL: ${{ env.GIT_COMMITTER_EMAIL }}
|
||
TARGETS: ${{ inputs.inputs }}
|
||
COMMIT_MSG: ${{ inputs.commit-msg }}
|
||
PATH_TO_FLAKE_DIR: ${{ inputs.path-to-flake-dir }}
|
||
- name: Save PR Body as file
|
||
uses: DamianReeves/write-file-action@v1.2
|
||
with:
|
||
path: pr_body.template
|
||
contents: ${{ inputs.pr-body }}
|
||
env: {}
|
||
- name: Set additional env variables (GIT_COMMIT_MESSAGE)
|
||
shell: bash
|
||
run: |
|
||
GIT_COMMIT_MESSAGE="$(git log --format=%b -n 1)"
|
||
GIT_COMMIT_MESSAGE="${GIT_COMMIT_MESSAGE//'%'/'%25'}"
|
||
GIT_COMMIT_MESSAGE="${GIT_COMMIT_MESSAGE//$'\n'/'%0A'}"
|
||
GIT_COMMIT_MESSAGE="${GIT_COMMIT_MESSAGE//$'\r'/'%0D'}"
|
||
echo "GIT_COMMIT_MESSAGE=$GIT_COMMIT_MESSAGE" >> $GITHUB_ENV
|
||
echo "GIT_COMMIT_MESSAGE is: ${GIT_COMMIT_MESSAGE}"
|
||
- name: Interpolate PR Body
|
||
uses: pedrolamas/handlebars-action@v2.2.0
|
||
with:
|
||
files: 'pr_body.template'
|
||
output-filename: 'pr_body.txt'
|
||
- name: Read pr_body.txt
|
||
id: pr_body
|
||
uses: andstor/file-reader-action@v1
|
||
with:
|
||
path: "pr_body.txt"
|
||
# We need to remove the pr_body files so that the
|
||
# peter-evans/create-pull-request action does not commit it (the
|
||
# action commits all new and modified files).
|
||
- name: Remove PR body template files
|
||
shell: bash
|
||
run: rm -f pr_body.txt pr_body.template
|
||
- name: Create PR
|
||
id: create-pr
|
||
uses: peter-evans/create-pull-request@v4
|
||
with:
|
||
base: ${{ inputs.base }}
|
||
branch: ${{ inputs.branch }}
|
||
delete-branch: true
|
||
committer: ${{ env.GIT_COMMITTER_NAME }} ${{ env.GIT_COMMITTER_EMAIL }}
|
||
author: ${{ env.GIT_AUTHOR_NAME }} ${{ env.GIT_AUTHOR_EMAIL }}
|
||
title: ${{ inputs.pr-title }}
|
||
token: ${{ inputs.token }}
|
||
assignees: ${{ inputs.pr-assignees }}
|
||
labels: ${{ inputs.pr-labels }}
|
||
reviewers: ${{ inputs.pr-reviewers }}
|
||
body: ${{ steps.pr_body.outputs.contents }}
|