1
0
Fork 0
mirror of https://github.com/Mic92/sops-nix.git synced 2024-12-14 11:57:52 +00:00

update github action to also update private flake

This commit is contained in:
Jörg Thalheim 2024-11-17 13:02:33 +01:00 committed by Jörg Thalheim
parent 7769727634
commit 5f3869dfd2
3 changed files with 27 additions and 12 deletions

View file

@ -4,6 +4,10 @@ on:
workflow_dispatch:
schedule:
- cron: '51 2 * * 0'
permissions:
pull-requests: write
jobs:
createPullRequest:
runs-on: ubuntu-latest
@ -14,9 +18,12 @@ jobs:
with:
extra_nix_config: |
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v24
with:
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
pr-labels: |
merge-queue
- name: Update flakes
run: |
nix flake update
pushd dev/private
nix flake update
popd
nix run .#update-dev-private-narHash
- name: Create Pull Request
uses: peter-evans/create-pull-request@v7

View file

@ -93,6 +93,19 @@
tests // (suffix-stable tests-stable) // (suffix-stable packages-stable)
);
apps = eachSystem (
{ pkgs, ... }:
{
update-dev-private-narHash = {
type = "app";
program = "${pkgs.writeShellScript "update-dev-private-narHash" ''
nix --extra-experimental-features "nix-command flakes" flake lock ./dev/private
nix --extra-experimental-features "nix-command flakes" hash path ./dev/private | tr -d '\n' > ./dev/private.narHash
''}";
};
}
);
devShells = eachSystem (
{ pkgs, ... }:
{

View file

@ -10,11 +10,6 @@ pkgs.mkShell {
util-linux
nix
golangci-lint
(pkgs.writeScriptBin "update-dev-private-narHash" ''
nix --extra-experimental-features "nix-command flakes" flake lock ./dev/private
nix --extra-experimental-features "nix-command flakes" hash path ./dev/private | tr -d '\n' > ./dev/private.narHash
'')
];
# delve does not compile with hardening enabled
hardeningDisable = [ "all" ];