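# Scheduled dependency maintenance: refreshes flake.lock and bumps pinned
# service versions, proposing each change as a pull request.
name: Update systems

on:
  workflow_dispatch:  # allows manual triggering
  schedule:
    - cron: '0 0 * * *'  # every day at 00:00

# Least privilege for the automatic GITHUB_TOKEN. The steps that create pull
# requests pass secrets.GH_TOKEN_FOR_UPDATES explicitly, so the default token
# should only need to read the repository.
# NOTE(review): confirm nothing relies on the default token's write scopes.
permissions:
  contents: read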
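jobs:
  # Refreshes the listed flake inputs in flake.lock and proposes the result as
  # a pull request.
  lockfile:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): a version tag such as v4 can be moved by its publisher;
      # a full commit SHA is the only immutable reference.
      - uses: actions/checkout@v4
      # NOTE(review): @main is a mutable branch ref, so every scheduled run
      # executes whatever was last pushed there, in a job that also handles
      # GH_TOKEN_FOR_UPDATES. Pin both actions to a reviewed full commit SHA.
      - uses: DeterminateSystems/nix-installer-action@main
      - uses: DeterminateSystems/update-flake-lock@main
        with:
          inputs: nixpkgs nixpkgs-unstable home-manager cv zen-browser
          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
          pr-title: "Update flake.lock"
          pr-labels: |
            dependencies
            automated

  # Rewrites the `version = "..."` string in one .nix file per service to the
  # latest upstream GitHub release and proposes the diff as a pull request.
  services:
    runs-on: ubuntu-latest
    strategy:
      # The services are independent: a rejected tag or a failed lookup for one
      # of them must not cancel the remaining matrix jobs.
      fail-fast: false
      matrix:
        # Each entry names the upstream owner/repo and the file to edit, plus
        # optionally:
        #   mod   - JS function mapping the release tag to the version string
        #   check - JS predicate (may be async); a falsy result skips the bump
        # mod and check are pasted verbatim into the github-script step as
        # code, so they must only ever be static values written in this file.
        service:
          - owner: immich-app
            repo: immich
            file: hosts/liskamm/immich.nix
          - owner: dani-garcia
            repo: vaultwarden
            file: hosts/liskamm/vaultwarden.nix
          - owner: home-assistant
            repo: core
            file: hosts/liskamm/home-assistant.nix
          - owner: docker-mailserver
            repo: docker-mailserver
            file: hosts/liskamm/mailserver.nix
            mod: "(version) => version.slice(1)"
          - owner: nextcloud
            repo: server
            file: hosts/liskamm/nextcloud.nix
            mod: "(version) => version.slice(1)"
            check: |
              async (version) => {
                const response = await fetch(`https://hub.docker.com/v2/repositories/library/nextcloud/tags?name=${encodeURIComponent(version)}`);
                // Fail closed: an error body has no usable `count`, and
                // `undefined <= 0` is false, which used to let the bump pass.
                if (!response.ok) {
                  console.warn(`Docker Hub tag lookup failed with HTTP ${response.status}`);
                  return false;
                }
                const ret = await response.json();
                if (!(ret.count > 0)) {
                  // Template literal so the version is actually interpolated.
                  console.warn(`No docker image tag found for ${version}`, ret);
                  return false;
                }
                return true;
              }
    steps:
      # NOTE(review): v4 / v7 are movable tags; pin third-party actions to a
      # full commit SHA, especially create-pull-request, which receives
      # GH_TOKEN_FOR_UPDATES.
      - uses: actions/checkout@v4
      - uses: actions/github-script@v7
        id: version-bump
        with:
          result-encoding: string
          script: |
            const latest = await github.rest.repos.getLatestRelease({
              owner: "${{matrix.service.owner}}",
              repo: "${{matrix.service.repo}}",
            });
            const latestTag = latest.data.tag_name;

            // The tag name is chosen by the upstream project. It ends up in a
            // sed program, in a .nix file and in the PR body, so only a
            // conservative version charset is accepted; anything else fails
            // the job instead of being spliced in.
            const safeVersion = /^[0-9A-Za-z][0-9A-Za-z._+-]*$/;
            if (typeof latestTag !== 'string' || !safeVersion.test(latestTag)) {
              core.setFailed(`Unexpected release tag: ${JSON.stringify(latestTag)}`);
              return;
            }
            core.setOutput('latestTag', latestTag);
            console.log(`Latest release tag: ${latestTag}`);

            // Optional per-service transform, inlined from the matrix entry.
            const mod = ${{ matrix.service.mod || '(x) => x' }};
            const newVersion = mod(latestTag);
            if (typeof newVersion !== 'string' || !safeVersion.test(newVersion)) {
              core.setFailed(`Unexpected version after mod: ${JSON.stringify(newVersion)}`);
              return;
            }
            core.setOutput('newVersion', newVersion);
            console.log(`New version: ${newVersion}`);

            // Optional per-service gate, inlined from the matrix entry.
            const check = ${{ matrix.service.check || '(x) => true' }};
            const newVersionOk = await check(newVersion);
            if (!newVersionOk) {
              console.warn(`Ignored new version ${newVersion} because of failed check.`)
              return;
            }

            // newVersion was validated above, so it cannot contain sed
            // delimiters, `&`, quotes or newlines.
            await exec.exec("sed", ["-i", `s/version = ".*"/version = "${newVersion}"/`, "${{matrix.service.file}}"])
            const {stdout} = await exec.getExecOutput("git", ["diff"]);
            console.log(stdout);
            return stdout;
      - uses: peter-evans/create-pull-request@v7
        with:
          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
          branch: update-services-${{matrix.service.owner}}-${{matrix.service.repo}}
          commit-message: "Update ${{matrix.service.owner}}/${{matrix.service.repo}}"
          title: "Update ${{matrix.service.owner}}/${{matrix.service.repo}}"
          labels: |
            dependencies
            automated
          body: |
            Automatically detected version bump of service `${{matrix.service.owner}}/${{matrix.service.repo}}`:
            ```diff
            ${{steps.version-bump.outputs.result}}
            ```
            [All releases](https://github.com/${{matrix.service.owner}}/${{matrix.service.repo}}/releases)
            [Release notes for ${{steps.version-bump.outputs.newVersion}}](https://github.com/${{matrix.service.owner}}/${{matrix.service.repo}}/releases/tag/${{steps.version-bump.outputs.latestTag}})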