Skip to content

update-flake-lock-inputs #51

update-flake-lock-inputs

update-flake-lock-inputs #51

name: update-flake-lock-inputs
on:
workflow_dispatch: # allows manual triggering
inputs:
templates:
description: 'Template paths (e.g., [ "tmpl1", "tmpl2"])'
required: true
flake_inputs:
description: 'Flake inputs to update (e.g., ["inp1", "inp2"])'
required: true
jobs:
lockfile:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
template: ${{ fromJson(github.event.inputs.templates) }}
input: ${{ fromJson(github.event.inputs.flake_inputs) }}
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with:
app_id: ${{ secrets.BOT_APP_ID }}
private_key: ${{ secrets.BOT_PRIVATE_KEY }}
- name: Checkout repository
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@V27
with:
extra_nix_config: |
accept-flake-config = true
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Update ${{ matrix.template }} flake.lock ${{ matrix.input }}
uses: DeterminateSystems/update-flake-lock@v23
with:
path-to-flake-dir: ${{ matrix.template }}
commit-msg: "build(${{ matrix.template }}): Bump flake.lock ${{ matrix.input }}"
pr-title: "Update ${{ matrix.template }} flake.lock ${{ matrix.input }}"
pr-labels: |
dependencies
automated
token: ${{ steps.generate_token.outputs.token }}
branch: "update_${{ matrix.template }}_flake_lock_${{ matrix.input }}_action"
inputs: ${{ matrix.input }}
- name: Send notification on failure
if: ${{ failure() }}
uses: actions-cool/issues-helper@v3
with:
actions: create-issue
token: ${{ secrets.GITHUB_TOKEN }}
title: Update of ${{ matrix.template }} ${{ matrix.input }} failure
body: The [${{ github.workflow }}](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}) workflow failed. Check the workflow run for details.
labels: automated