@jaspermayone.com's dotfiles

Add automated package update workflow

- Check for new wut releases daily
- Auto-update version and hashes
- Create PR with changes

+89
+89
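--- a/.github/workflows/update-packages.yml
+++ b/.github/workflows/update-packages.yml
@@ -0,0 +1,89 @@
+name: Update Custom Packages
+
+on:
+  schedule:
+    # Run daily at 4am UTC
+    - cron: '0 4 * * *'
+  workflow_dispatch: # Allow manual trigger
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  update-wut:
+    name: Update wut package
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Nix
+        uses: DeterminateSystems/nix-installer-action@main
+
+      - name: Setup Git
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+
+      - name: Check for new wut release
+        id: check-release
+        run: |
+          # Get latest release from GitHub
+          LATEST=$(curl -s https://api.github.com/repos/simonbs/wut/releases/latest | jq -r .tag_name)
+          CURRENT=$(grep 'version = ' packages/wut.nix | sed 's/.*"\(.*\)".*/\1/')
+
+          echo "Latest version: $LATEST"
+          echo "Current version: v$CURRENT"
+
+          if [ "$LATEST" != "v$CURRENT" ]; then
+            echo "update_needed=true" >> $GITHUB_OUTPUT
+            echo "new_version=${LATEST#v}" >> $GITHUB_OUTPUT
+            echo "Update needed: $LATEST"
+          else
+            echo "update_needed=false" >> $GITHUB_OUTPUT
+            echo "Already up to date"
+          fi
+
+      - name: Update wut package
+        if: steps.check-release.outputs.update_needed == 'true'
+        env:
+          NEW_VERSION: ${{ steps.check-release.outputs.new_version }}
+        run: |
+          # Update version
+          sed -i "s/version = \".*\";/version = \"$NEW_VERSION\";/" packages/wut.nix
+
+          # Get new source hash
+          NEW_HASH=$(nix-prefetch-url --unpack "https://github.com/simonbs/wut/archive/refs/tags/v${NEW_VERSION}.tar.gz")
+          NEW_HASH_SRI=$(nix hash convert --hash-algo sha256 "$NEW_HASH")
+
+          # Update source hash
+          sed -i "s|hash = \"sha256-.*\";|hash = \"$NEW_HASH_SRI\";|" packages/wut.nix
+
+          # Try to build to get vendorHash
+          if ! nix build .#nixosConfigurations.horace.pkgs.wut 2>&1 | tee build.log; then
+            # Extract the correct vendorHash from the error message
+            VENDOR_HASH=$(grep "got:" build.log | tail -1 | awk '{print $2}')
+            if [ -n "$VENDOR_HASH" ]; then
+              sed -i "s|vendorHash = \"sha256-.*\";|vendorHash = \"$VENDOR_HASH\";|" packages/wut.nix
+            fi
+          fi
+
+      - name: Create Pull Request
+        if: steps.check-release.outputs.update_needed == 'true'
+        uses: peter-evans/create-pull-request@v6
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          commit-message: "Update wut to v${{ steps.check-release.outputs.new_version }}"
+          title: "Update wut to v${{ steps.check-release.outputs.new_version }}"
+          body: |
+            Automated update of wut package to latest release.
+
+            **Changes:**
+            - Update wut to v${{ steps.check-release.outputs.new_version }}
+            - Update source hash
+            - Update vendorHash if needed
+
+            **Release Notes:** https://github.com/simonbs/wut/releases/tag/v${{ steps.check-release.outputs.new_version }}
+          branch: update-wut-v${{ steps.check-release.outputs.new_version }}
+          delete-branch: true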
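Review bot: `tag_name` from the third-party release API is used unvalidated in the `Check for new wut release` step: it is appended to `$GITHUB_OUTPUT`, spliced into the `sed` expressions of `Update wut package`, and becomes the PR branch name, and when the unauthenticated `curl -s` call fails or is rate-limited the result is `null` or empty, which the comparison treats as a new version. I would fail the step unless the tag matches a strict version pattern and make `curl` fail on HTTP errors, as sketched below (adjust the pattern to upstream's actual tag scheme). Separately, `DeterminateSystems/nix-installer-action@main` is a mutable ref running in a job that holds `contents: write` and `pull-requests: write`; pinning it (and ideally `actions/checkout` and `peter-evans/create-pull-request`) to a full commit SHA limits what a changed or compromised upstream action can do with that token. Finally, `if ! nix build … | tee build.log` tests the exit status of `tee` unless `pipefail` is set, so the vendorHash fallback probably never runs under the default `bash -e` shell; `set -o pipefail` at the top of that `run:` block fixes it.

```yaml
      - name: Check for new wut release
        id: check-release
        run: |
          set -euo pipefail
          # Fail on HTTP errors and on a missing/null tag_name instead of continuing
          LATEST=$(curl -fsS https://api.github.com/repos/simonbs/wut/releases/latest | jq -er .tag_name)
          # Accept only plain version tags before the value reaches sed, $GITHUB_OUTPUT or a branch name
          if [[ ! "$LATEST" =~ ^v[0-9]+(\.[0-9]+)*$ ]]; then
            echo "Unexpected tag name from release API" >&2
            exit 1
          fi
          # … unchanged: CURRENT lookup and version comparison …
```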