diff --git a/.github/workflows/build-and-cache-chore-patch-hashes.yml b/.github/workflows/build-and-cache-chore-patch-hashes.yml new file mode 100644 index 0000000..bc6dd31 --- /dev/null +++ b/.github/workflows/build-and-cache-chore-patch-hashes.yml @@ -0,0 +1,36 @@ +name: Build and Cache on Push + +on: + push: + branches: + - chore/patch-hashes + pull_request: + +permissions: + contents: read + +jobs: + build-and-cache: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v27 + with: + github_access_token: ${{ secrets.GITHUB_TOKEN }} + - uses: cachix/cachix-action@v15 + with: + name: autofirma-nix + authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' + - name: build autofirma-nix + shell: /usr/bin/bash -o pipefail -e {0} + run: | + # nix flake metadata --update-input nixpkgs + nix build -L .#autofirma .#configuradorfnmt .#dnieremote 2>&1 | .github/workflows/replace_mismatching_hashes.pl + nix build --json .#autofirma .#configuradorfnmt .#dnieremote | jq -r '.[].outputs | to_entries[].value' | cachix push autofirma-nix + - name: Create Pull Request + if: failure() + uses: peter-evans/create-pull-request@v6 + with: + commit-message: 'update: hashes' + add-paths: nix + branch: chore/patch-hashes/update diff --git a/.github/workflows/replace_mismatching_hashes.pl b/.github/workflows/replace_mismatching_hashes.pl new file mode 100755 index 0000000..7b4b79f --- /dev/null +++ b/.github/workflows/replace_mismatching_hashes.pl @@ -0,0 +1,25 @@ +#!/usr/bin/env perl +use strict; +use warnings; + +my $specified_hash = ""; +my $got_hash = ""; + +while (my $line = ) { + print $line; + + if ($line =~ /specified:\s+(\S+)/) { + $specified_hash = $1; + } elsif ($line =~ /got:\s+(\S+)/) { + $got_hash = $1; + } + + if ($specified_hash && $got_hash) { + my $command = "find . -type f -name '*.nix' -print0 | xargs -0 sed -i -e 's/$specified_hash/$got_hash/g'"; + system($command); + print "Executed: $command\n"; + + $specified_hash = ""; + $got_hash = ""; + } +} diff --git a/nix/autofirma/default.nix b/nix/autofirma/default.nix index 758793a..4e0175d 100644 --- a/nix/autofirma/default.nix +++ b/nix/autofirma/default.nix @@ -19,7 +19,7 @@ owner = "ctt-gob-es"; repo = "jmulticard"; rev = "v1.8"; - hash = "sha256-sCqMK4FvwRHsGIB6iQVyqrx0+EDiUfQSAsPqmDq2Giw="; + hash = "sha256-sCqMK3FvwRHsGIB6iQVyqrx0+EDiUfQSAsPqmDq2Giw="; }; patches = [ ./patches/jmulticard/javaversion.patch