Update the flake lock file #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Update the flake lock file" | |
on: | |
workflow_dispatch: # allows manual triggering | |
schedule: | |
- cron: '0 0 * * 0' # runs weekly on Sunday at 00:00 | |
jobs: | |
update-lockfile: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write # to push the branch for the PR | |
# ERROR; Automated PR's do not run automation! If that's no issue for you, uncomment the | |
# permission below and create a PR with the (ephermeral) token from the action run. | |
# Otherwise create a personal access token (PAT) that has write-access to PR's | |
# pull-requests: write # to open the PR | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Install Nix | |
uses: DeterminateSystems/nix-installer-action@v9 | |
- name: Update flake.lock | |
id: update-lockfile | |
uses: DeterminateSystems/update-flake-lock@v21 | |
with: | |
token: ${{ secrets.GH_TOKEN_FOR_PR }} # Required for automations to run on created PR | |
nix-options: --log-format raw | |
pr-title: "Update flake.lock" # Title of PR to be created | |
pr-labels: | # Labels to be set on the PR | |
dependencies | |
automated | |
- name: Mark PR for auto-merge | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_FOR_PR }} | |
run: | | |
gh pr merge ${{ steps.update-lockfile.outputs.pull-request-number }} --auto --rebase | |
- name: Communicate | |
run: echo Update DONE, check pull request number ${{ steps.update-lockfile.outputs.pull-request-number }}. |