Update Nix flake #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Update Nix flake" | |
| on: | |
| schedule: | |
| # Run on the first of every month | |
| - cron: '0 0 1 * *' | |
| workflow_dispatch: | |
| jobs: | |
| update: | |
| name: Update flake.nix | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Doppler CLI | |
| uses: dopplerhq/cli-action@v3 | |
| - name: Pass all secrets to next steps | |
| run: | | |
| while read -rd $'' line; do echo "$line" >> $GITHUB_ENV; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.key)<<EOF\n\(.value)\nEOF\u0000")[]' ) | |
| while read -r line; do echo "::add-mask::$line"; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.value)\u0000")[]' ) | |
| env: | |
| DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }} | |
| - name: Install Nix | |
| uses: cachix/install-nix-action@v25 | |
| with: | |
| nix_path: nixpkgs=channel:nixpkgs-unstable | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Update flake.lock | |
| run: nix flake update | |
| - name: Create diff | |
| id: diff | |
| run: | | |
| git diff --oneline --graph > flake-update.diff | |
| - name: Upload diff artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "flake-update.diff" | |
| path: "flake-update.diff" | |
| build: | |
| name: Build | |
| needs: update | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| cachixName: | |
| - ezkea | |
| package: | |
| - an-anime-game-launcher | |
| - an-anime-borb-launcher | |
| - the-honkers-railway-launcher | |
| - honkers-launcher | |
| steps: | |
| - name: Install Doppler CLI | |
| uses: dopplerhq/cli-action@v3 | |
| - name: Pass all secrets to next steps | |
| run: | | |
| while read -rd $'' line; do echo "$line" >> $GITHUB_ENV; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.key)<<EOF\n\(.value)\nEOF\u0000")[]' ) | |
| while read -r line; do echo "::add-mask::$line"; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.value)\u0000")[]' ) | |
| env: | |
| DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install Nix | |
| uses: cachix/install-nix-action@v25 | |
| - name: Install Cachix | |
| uses: cachix/cachix-action@v14 | |
| with: | |
| name: ${{ matrix.cachixName }} | |
| authToken: '${{ env.CACHIX_AUTH_TOKEN }}' | |
| - name: Download diff artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: "flake-update.diff" | |
| path: "flake-update.diff" | |
| - name: Apply diff | |
| run: git apply flake-update.diff/flake-update.diff | |
| - name: Build | |
| run: | | |
| nix build --accept-flake-config -L ".#${{ matrix.package }}" | |
| pr: | |
| name: Make PR | |
| needs: [update, build] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Install Doppler CLI | |
| uses: dopplerhq/cli-action@v3 | |
| - name: Pass all secrets to next steps | |
| run: | | |
| while read -rd $'' line; do echo "$line" >> $GITHUB_ENV; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.key)<<EOF\n\(.value)\nEOF\u0000")[]' ) | |
| while read -r line; do echo "::add-mask::$line"; done < <( doppler secrets download --no-file --format=json | jq "." | grep -v 'DOPPLER_\(CONFIG\|ENVIRONMENT\|PROJECT\)' | jq -r 'to_entries|map("\(.value)\u0000")[]' ) | |
| env: | |
| DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN }} | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download diff artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: "flake-update.diff" | |
| path: "flake-update.diff" | |
| - name: Apply diff | |
| run: git apply flake-update.diff/flake-update.diff | |
| - name: Create pull request | |
| uses: peter-evans/create-pull-request@v6 | |
| with: | |
| author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | |
| commit-message: "chore: update flake.nix" | |
| title: "chore: update flake.nix" | |
| body: | | |
| Auto-generated by [create-pull-request][1] | |
| [1]: https://github.com/peter-evans/create-pull-request | |
| branch: "update-flake" |