Flake Automated Update #37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Flake Automated Update" | |
| on: | |
| workflow_dispatch: | |
| schedule: | |
| - cron: '0 11 * * *' | |
| jobs: | |
| check: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@main | |
| with: | |
| token: '${{ secrets.ACTION_GITHUB_TOKEN }}' | |
| - name: Install nix | |
| uses: cachix/install-nix-action@master | |
| with: | |
| github_access_token: '${{ secrets.ACTION_GITHUB_TOKEN }}' | |
| - name: Import GPG key | |
| id: import-gpg | |
| uses: crazy-max/ghaction-import-gpg@master | |
| with: | |
| gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| passphrase: ${{ secrets.PASSPHRASE }} | |
| git_user_signingkey: true | |
| git_commit_gpgsign: true | |
| - name: Configure git credentials | |
| run: | | |
| git config --global user.email "${{ steps.import-gpg.outputs.email }}" | |
| git config --global user.name "${{ steps.import-gpg.outputs.name }}" | |
| - name: Setup cachix | |
| uses: cachix/cachix-action@master | |
| with: | |
| name: antares0982 | |
| authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
| - name: Nix flake update | |
| run: | | |
| nix flake update --commit-lock-file | |
| - name: Nix develop check | |
| run: | | |
| nix develop --command echo DONE | |
| nix flake check | |
| if [ -z $(git status --porcelain) ]; then | |
| echo "clean, skip..." | |
| else | |
| git add --all | |
| git commit --message "Flake Update" | |
| fi | |
| - name: Git push | |
| run: | | |
| git config --global pull.rebase false | |
| git pull | |
| git push |