Skip to content

Commit

Permalink
[TESTING] Reusable workflows; first commit.
Browse files Browse the repository at this point in the history
  • Loading branch information
telometto committed Dec 15, 2024
1 parent 2f0e5ee commit 1131afc
Show file tree
Hide file tree
Showing 4 changed files with 160 additions and 0 deletions.
49 changes: 49 additions & 0 deletions .github/workflows/comment_and_automerge.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Comment and auto-merge
on:
workflow_call:
secrets:
github_token:
required: true
inputs:
pull_request_operation:
type: string
required: true
pull_request_url:
type: string
required: false

jobs:
comment_and_automerge:
runs-on: ubuntu-latest
steps:
- name: Create compare URLs
if: ${{ inputs.pull_request_operation == 'created' || inputs.pull_request_operation == 'updated' }}
uses: actions/github-script@main
with:
github-token: ${{ secrets.github_token }}
script: |
const comment = require('.github/scripts/comment')
const compare = require('.github/scripts/compare')
const urls = await compare({ core })
if (!urls?.length) return
const header = "# Compare URLs"
const body = urls.map((url) => `- ${url}`).join("\n")
const issueNumber = parseInt(process.env.PULL_REQUEST_NUMBER, 10)
if (Number.isNaN(issueNumber)) return
await comment({ github, context, header, body, issueNumber })
- name: Auto-merge GitHub bot PRs
if: ${{ inputs.pull_request_url != '' }}
run: |
if [ -n "$PR_URL" ]; then
gh pr merge --auto --merge "$PR_URL"
else
echo "PR_URL is not set!"
fi
env:
PR_URL: ${{ inputs.pull_request_url }}
GH_TOKEN: ${{ secrets.github_token }}
36 changes: 36 additions & 0 deletions .github/workflows/lint_and_test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Lint and test
on:
workflow_call:
inputs:
token:
type: string
required: true
secrets: {}

jobs:
lint_and_test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@main
with:
token: ${{ inputs.token }}

- name: Cache Nix store
uses: actions/cache@main
with:
path: /nix/store
key: ${{ runner.os }}-nix-${{ hashFiles('flake.lock') }}
restore-keys: |
${{ runner.os }}-nix-
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main

- name: Run linter
run: nix run nixpkgs#nixpkgs-fmt -- --check .

- name: Run statix
run: nix run nixpkgs#statix -- .

- name: Run NixOS tests
run: nix flake check --tests
39 changes: 39 additions & 0 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
name: Update flake
on:
workflow_dispatch:
schedule:
- cron: "0 */4 * * *"
pull_request:
types: [opened, synchronize]
branches: [main, testing]

permissions:
contents: write
pull-requests: write

jobs:
lockfile:
runs-on: ubuntu-latest
steps:
- uses: webfactory/ssh-agent@master
with:
ssh-private-key: ${{ secrets.GH_ACTIONS }}

- name: Lint and test
uses: ./.github/workflows/lint_and_test.yml
with:
token: ${{ secrets.GITHUB_TOKEN }}

- name: Update .lock file
id: update_flake
uses: ./.github/workflows/update_flake_lock.yml
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
bot_pat: ${{ secrets.BOT_PAT }}

- name: Comment and auto-merge
uses: ./.github/workflows/comment_and_automerge.yml
with:
pull_request_operation: ${{ steps.update_flake.outputs.pull-request-operation }}
pull_request_url: ${{ steps.update_flake.outputs.pull-request-url }}
github_token: ${{ secrets.GITHUB_TOKEN }}
36 changes: 36 additions & 0 deletions .github/workflows/update_flake_lock.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
name: Update .lock file
on:
workflow_call:
secrets:
github_token:
required: true
bot_pat:
required: true
inputs: {}

jobs:
update_flake:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@main
with:
token: ${{ secrets.github_token }}

- name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@main
id: update-flake-lock
with:
commit-msg: "🧹 chore(flake.lock): update"
pr-body: |
```
{{ env.GIT_COMMIT_MESSAGE }}
```
pr-title: "🧹 chore(flake.lock): update"
pr-labels: auto-merge
nix-options: "--access-tokens github.com=${{ secrets.bot_pat }}"
token: ${{ secrets.github_token }}

- name: Set outputs
run: |
echo "pull-request-operation=${{ steps.update-flake-lock.outputs.pull-request-operation }}" >> $GITHUB_OUTPUT
echo "pull-request-url=${{ steps.update-flake-lock.outputs.pull-request-url }}" >> $GITHUB_OUTPUT

0 comments on commit 1131afc

Please sign in to comment.