name: 'Update flake.lock' description: 'Update your flake.lock and send a PR' inputs: inputs: description: 'A space-separated list of inputs to update. Leave empty to update all inputs.' required: false default: '' token: description: 'GITHUB_TOKEN or a `repo` scoped Personal Access Token (PAT)' required: false default: ${{ github.token }} commit-msg: description: 'The message provided with the commit' required: false default: "flake.lock: Update" branch: description: 'The branch of the PR to be created' required: false default: "update_flake_lock_action" pr-title: description: 'The title of the PR to be created' required: false default: "flake.lock: Update" pr-labels: description: 'A comma or newline separated list of labels to set on the Pull Request to be created' required: false default: '' sign-commits: description: 'Set to true if the action should sign the commit with GPG' required: false default: '' gpg-private-key: description: 'GPG Private Key with which to sign the commits in the PR to be created' required: false default: '' gpg-passphrase: description: 'GPG Private Key Passphrase for the GPG Private Key with which to sign the commits in the PR to be created' required: false default: '' outputs: pull-request-number: description: 'The number of the opened pull request' value: ${{ steps.create-pr.outputs.pull-request-number }} runs: using: "composite" steps: - name: Import bot's GPG key for signing commits if: ${{ inputs.sign-commits }} id: import-gpg uses: crazy-max/ghaction-import-gpg@v4 with: gpg_private_key: ${{ inputs.gpg-private-key }} passphrase: ${{ inputs.gpg-passphrase }} git_config_global: true git_user_signingkey: true git_commit_gpgsign: true - name: Run update-flake-lock.sh (signed commit) run: $GITHUB_ACTION_PATH/update-flake-lock.sh if: ${{ inputs.sign-commits }} shell: bash env: GIT_AUTHOR_NAME: ${{ steps.import-gpg.outputs.name }} GIT_AUTHOR_EMAIL: ${{ steps.import-gpg.outputs.email }} GIT_COMMITTER_NAME: ${{ steps.import-gpg.outputs.name }} GIT_COMMITTER_EMAIL: ${{ steps.import-gpg.outputs.email }} TARGETS: ${{ inputs.inputs }} COMMIT_MSG: ${{ inputs.commit-msg }} - name: Run update-flake-lock.sh (no commit signing) run: $GITHUB_ACTION_PATH/update-flake-lock.sh if: ${{ !inputs.sign-commits }} shell: bash env: GIT_AUTHOR_NAME: github-actions[bot] GIT_AUTHOR_EMAIL: GIT_COMMITTER_NAME: github-actions[bot] GIT_COMMITTER_EMAIL: TARGETS: ${{ inputs.inputs }} COMMIT_MSG: ${{ inputs.commit-msg }} - run: | content="$(git log --format=%b -n 1)" content="${content//'%'/'%25'}" content="${content//$'\n'/'%0A'}" content="${content//$'\r'/'%0D'}" echo "::set-output name=msg::$content" shell: bash id: commit_message - name: Create PR id: create-pr uses: peter-evans/create-pull-request@v3 with: branch: ${{ inputs.branch }} delete-branch: true title: ${{ inputs.pr-title }} token: ${{ inputs.token }} labels: ${{ inputs.pr-labels }} body: | Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action. ``` ${{ steps.commit_message.outputs.msg }} ``` ### Running GitHub Actions on this PR GitHub Actions will not run workflows on pull requests which are opened by a GitHub Action. To run GitHub Actions workflows on this PR, run: ```sh git branch -D update_flake_lock_action git fetch origin git checkout update_flake_lock_action git commit --amend --no-edit git push origin update_flake_lock_action --force ```