aed8dfc48d
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [DeterminateSystems/nix-installer-action](https://redirect.github.com/DeterminateSystems/nix-installer-action) | action | major | `v17` -> `v18` | --- ### Release Notes <details> <summary>DeterminateSystems/nix-installer-action (DeterminateSystems/nix-installer-action)</summary> ### [`v18`](https://redirect.github.com/DeterminateSystems/nix-installer-action/releases/tag/v18) [Compare Source](https://redirect.github.com/DeterminateSystems/nix-installer-action/compare/v17...v18) ##### What's Changed - Correctly suppress empty summaries by [@​gustavderdrache](https://redirect.github.com/gustavderdrache) in [https://github.com/DeterminateSystems/nix-installer-action/pull/171](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/171) - Test penance by [@​gustavderdrache](https://redirect.github.com/gustavderdrache) in [https://github.com/DeterminateSystems/nix-installer-action/pull/172](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/172) - Add hash mismatches to summary by [@​gustavderdrache](https://redirect.github.com/gustavderdrache) in [https://github.com/DeterminateSystems/nix-installer-action/pull/173](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/173) - Fix an obscure error case where if the only log fails, the rendering is wack by [@​grahamc](https://redirect.github.com/grahamc) in [https://github.com/DeterminateSystems/nix-installer-action/pull/177](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/177) - Ditch the docker shim in favor of a double fork by [@​grahamc](https://redirect.github.com/grahamc) in [https://github.com/DeterminateSystems/nix-installer-action/pull/180](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/180) - Add a note about pinning by [@​grahamc](https://redirect.github.com/grahamc) in [https://github.com/DeterminateSystems/nix-installer-action/pull/182](https://redirect.github.com/DeterminateSystems/nix-installer-action/pull/182) **Full Changelog**: https://github.com/DeterminateSystems/nix-installer-action/compare/v17...v18 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4yMS4yIiwidXBkYXRlZEluVmVyIjoiNDEuMjEuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsicmVub3ZhdGUiXX0=--> Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
151 lines
5.1 KiB
YAML
151 lines
5.1 KiB
YAML
name: Update Flake and Validate Build
|
|
|
|
on:
|
|
schedule:
|
|
- cron: "30 00 * * 1"
|
|
workflow_dispatch: # Allow manual triggering
|
|
|
|
# Set default permissions as read only
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
update-flake:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
# Only need contents write to update the flake lock file
|
|
contents: write
|
|
outputs:
|
|
update_available: ${{ steps.check_updates.outputs.update_available }}
|
|
|
|
steps:
|
|
- name: Repository Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install Nix
|
|
uses: DeterminateSystems/nix-installer-action@v18
|
|
|
|
- name: Check for Updates
|
|
id: check_updates
|
|
run: |
|
|
# Create a temporary copy of flake.lock
|
|
cp flake.lock flake.lock.backup
|
|
|
|
# Try to update flake.lock
|
|
nix flake update
|
|
|
|
# Check if there are differences
|
|
if ! cmp -s flake.lock flake.lock.backup; then
|
|
echo "update_available=true" >> "$GITHUB_OUTPUT"
|
|
# Restore original flake.lock
|
|
mv flake.lock.backup flake.lock
|
|
else
|
|
echo "update_available=false" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Update flake.lock
|
|
if: steps.check_updates.outputs.update_available == 'true'
|
|
uses: DeterminateSystems/update-flake-lock@v25
|
|
with:
|
|
nix-options: --debug --log-format raw
|
|
token: ${{ secrets.FLAKE_TOKEN }}
|
|
pr-title: "deps: update flake.lock"
|
|
pr-labels: |
|
|
dependencies
|
|
automated
|
|
|
|
build-and-check:
|
|
needs: update-flake
|
|
permissions:
|
|
# Needed for checking out code
|
|
contents: read
|
|
# Needed for creating issues
|
|
issues: write
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest]
|
|
fail-fast: false # Continue with other jobs even if one fails
|
|
|
|
runs-on: ${{ matrix.os }}
|
|
|
|
steps:
|
|
- name: Repository Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
ref: update_flake_lock_action
|
|
|
|
- name: Install Nix
|
|
uses: DeterminateSystems/nix-installer-action@v18
|
|
|
|
- name: Build and Test Configuration
|
|
id: build
|
|
continue-on-error: true # Continue to next steps even if build fails
|
|
run: |
|
|
set +e # Don't exit immediately on error
|
|
# Run the build and capture output
|
|
OUTPUT=$(nix build .# 2>&1)
|
|
BUILD_EXIT_CODE=$?
|
|
echo "build_output<<EOF" >> $GITHUB_ENV
|
|
echo "$OUTPUT" >> $GITHUB_ENV
|
|
echo "EOF" >> $GITHUB_ENV
|
|
|
|
# Check if build succeeded
|
|
if [ $BUILD_EXIT_CODE -eq 0 ]; then
|
|
echo "build_status=success" >> $GITHUB_ENV
|
|
else
|
|
echo "build_status=failure" >> $GITHUB_ENV
|
|
# Ensure the error is visible in the logs
|
|
echo "::error::Build failed with exit code $BUILD_EXIT_CODE"
|
|
echo "$OUTPUT"
|
|
fi
|
|
|
|
- name: Create Issue on Build Failure
|
|
if: env.build_status == 'failure'
|
|
uses: actions/github-script@v7
|
|
with:
|
|
script: |
|
|
const os = '${{ matrix.os }}';
|
|
const buildOutput = process.env.build_output;
|
|
const isUpdate = '${{ needs.update-flake.outputs.update_available }}' === 'true';
|
|
|
|
// Extract warnings and errors from build output
|
|
const warnings = buildOutput.match(/evaluation warning:[^\n]+/g) || [];
|
|
const errors = buildOutput.match(/error:[^\n]+/g) || [];
|
|
|
|
// Create a summary section
|
|
const summary = [
|
|
warnings.length > 0 ? `${warnings.length} evaluation warnings` : '',
|
|
errors.length > 0 ? `${errors.length} errors` : ''
|
|
].filter(Boolean).join(' and ');
|
|
|
|
// Get repository information from context
|
|
const [owner, repo] = process.env.GITHUB_REPOSITORY.split('/');
|
|
|
|
await github.rest.issues.create({
|
|
owner,
|
|
repo,
|
|
title: `🔨 Build Failed on ${os}: ${summary}${isUpdate ? ' (Dependency Update)' : ''}`,
|
|
body: `Build failed during automated validation on ${os}${isUpdate ? ' while testing dependency updates.' : '.'}\n
|
|
${isUpdate ? 'This failure occurred on the dependency update branch `deps/update-flake-lock`.' : 'This failure occurred on the main branch.'}\n
|
|
|
|
### Summary
|
|
${summary}\n
|
|
|
|
${warnings.length > 0 ? `### Warnings\n\`\`\`\n${warnings.join('\n')}\n\`\`\`\n` : ''}
|
|
${errors.length > 0 ? `### Errors\n\`\`\`\n${errors.join('\n')}\n\`\`\`\n` : ''}
|
|
|
|
<details>
|
|
<summary>Build Output</summary>
|
|
|
|
\`\`\`
|
|
${buildOutput}
|
|
\`\`\`
|
|
</details>
|
|
|
|
Please review the build output and fix any issues.`,
|
|
labels: [
|
|
'build-failure',
|
|
'bug',
|
|
...(warnings.length > 0 ? ['has-warnings'] : []),
|
|
...(errors.length > 0 ? ['has-errors'] : [])
|
|
]
|
|
});
|