-
Notifications
You must be signed in to change notification settings - Fork 0
38 lines (38 loc) · 1.5 KB
/
updatecli-ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: Updatecli
on:
workflow_dispatch:
schedule:
- cron: '0 */2 * * *' # every 6 hours
permissions:
contents: 'write'
pull-requests: 'write'
jobs:
updatecli:
runs-on: 'didactiklabs-runners'
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@v2
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ secrets.APP_ID }}
private-key: ${{ secrets.PRIVATE_KEY }}
- name: Get Nixpkgs revision for nixfmt
run: |
# This should not be a URL, because it would allow PRs to run arbitrary code in CI!
url=$(jq -r .pins.nixpkgs.url npins/sources.json)
echo "url=$url" >> "$GITHUB_ENV"
- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # v27
with:
nix_path: nixpkgs=${{ env.url }}
extra_nix_config: |
fallback = true
trusted-public-keys = didactiklabs-nixcache:PxLKN0+ZkP07M8g8/B6xbP6A4MYpqQg6LH7V3muiy/0= cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
substituters = https://s3.didactiklabs.io/nix-cache https://cache.nixos.org/
- name: Run Updatecli in apply mode
run: 'updatecli apply --config ./updatecli/updatecli.d --values updatecli/values.yaml'
env:
UPDATECLI_GITHUB_TOKEN: '${{ steps.app-token.outputs.token }}'
GITHUB_TOKEN: '${{ steps.app-token.outputs.token }}'