nixos-config/.forgejo/workflows/update_nix_flakes.yml
2024-07-21 00:54:53 +02:00


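# Scheduled job: check out the "update" branch, run `nix flake update`, and
# commit and push the result over SSH when anything changed.
name: Update Nix flakes and commit changes
on:
  schedule:
    # not too frequent, GitHub only allows a few pulls per hour
    # NOTE(review): this expression has six fields, standard cron has five.
    # Confirm how the scheduler reads the extra field; if the first field is
    # seconds, this fires every five minutes instead of every five hours.
    - cron: "0 2/5 * * * *"
jobs:
  update-and-commit:
    runs-on: native
    steps:
      - name: checkout repository
        # NOTE(review): `v2` is a mutable tag. Pin the action to a full commit
        # SHA so the code running in this job, which later holds an SSH key,
        # cannot change without a reviewed edit to this file.
        uses: actions/checkout@v2
        with:
          ref: "update"
      - name: setup git
        run: |
          git config --local user.email "action@git.ingolf-wagner.de"
          git config --local user.name "Forgejo Action"
      # fixme: not working for some reason
      # - name: rebase with main branch
      #   run: |
      #     git fetch origin main
      #     git rebase origin/main
      - name: setup ssh
        # The key is handed over as an environment variable instead of being
        # templated into the script text, so the shell never expands or
        # interprets its contents.
        env:
          SSH_KEY: ${{ secrets.SSH_KEY }}
        run: |
          eval "$(ssh-agent -s)"
          # Load the key from stdin: no private key file is written into the
          # checkout, so nothing is left on the runner after the job ends.
          printf '%s\n' "$SSH_KEY" | ssh-add -
          # Append (>>) so entries written by other steps are not truncated,
          # and write plain NAME=value lines so no quote characters can end up
          # inside the exported values.
          cat <<EOF >> "$GITHUB_ENV"
          SSH_AUTH_SOCK=$SSH_AUTH_SOCK
          SSH_AGENT_PID=$SSH_AGENT_PID
          EOF
      # NOTE(review): the agent is already reachable while the flake inputs
      # are fetched. If no input needs SSH, consider moving "setup ssh" to
      # just before the push step to shorten the key's exposure.
      - name: update nix flakes
        run: nix flake update
      # we need the ssh-agent here, otherwise git push would use the
      # GITHUB_TOKEN, which prevents other workflows from being triggered
      - name: commit and push changes
        # Commit and push only when the working tree or the index differs
        # from HEAD; otherwise the step is a no-op.
        run: |
          git diff --quiet && \
          git diff --staged --quiet || \
          (git commit -am "Update Nix flakes" && git push)
      - name: teardown ssh
        if: always()
        run: |
          # SSH_AGENT_PID is empty when "setup ssh" failed before exporting
          # it; skip the kill in that case instead of failing the teardown.
          if [ -n "${SSH_AGENT_PID:-}" ]; then
            echo "$SSH_AGENT_PID"
            kill "$SSH_AGENT_PID"
          fi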