From 888fb86155dbf3b6cec0032029081c2b11434379 Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 30 Mar 2025 09:55:07 -0400 Subject: [PATCH 1/4] workflow: rm GITHUB_TOKEN from update-flake-lock --- .github/workflows/update-flake-lock.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/update-flake-lock.yml b/.github/workflows/update-flake-lock.yml index 59006f6..248b096 100644 --- a/.github/workflows/update-flake-lock.yml +++ b/.github/workflows/update-flake-lock.yml @@ -14,7 +14,5 @@ jobs: - uses: actions/checkout@v4 - name: Install Nix uses: cachix/install-nix-action@v30 - with: - github_access_token: ${{ secrets.GITHUB_TOKEN }} - name: Update flake.lock uses: DeterminateSystems/update-flake-lock@v24 From 015b6baa8d1200bacd0e30eb241f3d9f3cb2c5f5 Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 30 Mar 2025 09:55:22 -0400 Subject: [PATCH 2/4] workflow: use sed to stop spam --- .github/workflows/build-machines-and-homes.yml | 4 ++-- .github/workflows/build-packages.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-machines-and-homes.yml b/.github/workflows/build-machines-and-homes.yml index 7ede8d4..dd08f2c 100644 --- a/.github/workflows/build-machines-and-homes.yml +++ b/.github/workflows/build-machines-and-homes.yml @@ -78,7 +78,7 @@ jobs: derivations=() while IFS=$'\n' read derivation; do derivations+=("$derivation") - done < <(nix path-info --derivation "$package") + done < <(nix path-info --derivation "$package" | sed 's/\.drv$/.drv^*/') for derivation in "${derivations[@]}"; do nix copy -j8 \ @@ -155,7 +155,7 @@ jobs: derivations=() while IFS=$'\n' read derivation; do derivations+=("$derivation") - done < <(nix path-info --derivation "$package") + done < <(nix path-info --derivation "$package" | sed 's/\.drv$/.drv^*/') for derivation in "${derivations[@]}"; do nix copy -j8 \ diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index fea88fc..7ef9afb 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -67,7 +67,7 @@ jobs: derivations=() while IFS=$'\n' read derivation; do derivations+=("$derivation") - done < <(nix path-info --derivation "${{ matrix.package }}") + done < <(nix path-info --derivation "${{ matrix.package }}" | sed 's/\.drv$/.drv^*/') for derivation in "${derivations[@]}"; do nix copy -j8 \ From ec978a406d5039abbe471edb24972e3f8f50f1d4 Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 30 Mar 2025 09:55:07 -0400 Subject: [PATCH 3/4] workflow: rm GITHUB_TOKEN from update-flake-lock --- .github/workflows/update-flake-lock.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/update-flake-lock.yml b/.github/workflows/update-flake-lock.yml index 59006f6..248b096 100644 --- a/.github/workflows/update-flake-lock.yml +++ b/.github/workflows/update-flake-lock.yml @@ -14,7 +14,5 @@ jobs: - uses: actions/checkout@v4 - name: Install Nix uses: cachix/install-nix-action@v30 - with: - github_access_token: ${{ secrets.GITHUB_TOKEN }} - name: Update flake.lock uses: DeterminateSystems/update-flake-lock@v24 From ed82c083abb55f66ee87199a9824797bcc2ae2aa Mon Sep 17 00:00:00 2001 From: cy Date: Sun, 30 Mar 2025 10:21:23 -0400 Subject: [PATCH 4/4] workflow: use deploy keys in update-flake-lock to trigger actions --- .github/workflows/update-flake-lock.yml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-flake-lock.yml b/.github/workflows/update-flake-lock.yml index 248b096..a45bd09 100644 --- a/.github/workflows/update-flake-lock.yml +++ b/.github/workflows/update-flake-lock.yml @@ -11,8 +11,15 @@ jobs: createPullRequest: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 + with: + ssh-key; ${{ secrets.SSH_DEPLOY_KEY }} + - name: Install Nix - uses: cachix/install-nix-action@v30 + uses: cachix/install-nix-action@53fb48f556dd912c4814b24ee8059a9c91c82b18 + - name: Update flake.lock - uses: DeterminateSystems/update-flake-lock@v24 + run: nix flake update --commit-lock-file + + - name: Create PR + uses: peter-evans/create-pull-request@98106d3f2b65918a6591f9e155117b7219ff7e51