From f05865972be297987aa2a3f4410496562131fd93 Mon Sep 17 00:00:00 2001 From: m3tm3re Date: Fri, 20 Feb 2026 07:51:21 +0100 Subject: [PATCH] fix(ci): dynamic flake input discovery and updateScript support - Replace hardcoded opencode update step with dynamic discovery of all version-pinned flake inputs via nix flake metadata --json - Add --use-update-script flag to nix-update command so packages with custom passthru.updateScript (like n8n) use their custom scripts - Update output variables from update-opencode to update-flake-inputs - Update Summary step to reflect new generic flake input handling --- .gitea/workflows/nix-update.yml | 152 +++++++++++++++++++------------- 1 file changed, 91 insertions(+), 61 deletions(-) diff --git a/.gitea/workflows/nix-update.yml b/.gitea/workflows/nix-update.yml index 714044d..89732cc 100644 --- a/.gitea/workflows/nix-update.yml +++ b/.gitea/workflows/nix-update.yml @@ -52,72 +52,91 @@ jobs: "https://m3tam3re@code.m3ta.dev/m3tam3re/nixpkgs.git" \ "$REPO_DIR" - - name: Update opencode Flake Input - id: update-opencode + - name: Update All Flake Inputs + id: update-flake-inputs run: | cd "$REPO_DIR" - echo "::group::Checking for opencode updates" + echo "::group::Discovering version-pinned flake inputs" - # Get latest release from GitHub API (strip v prefix for comparison) - LATEST_RELEASE=$(curl -s "https://api.github.com/repos/anomalyco/opencode/releases/latest" | jq -r '.tag_name' | sed 's/^v//') + # Get GitHub inputs with version refs (e.g., v1.2.9) + VERSIONED_INPUTS=$(nix flake metadata --json | jq -r ' + .locks.nodes | to_entries[] | + select(.value.original.type == "github") | + select(.value.original.ref != null) | + select(.value.original.ref | test("^v?[0-9]+\\.[0-9]+")) | + "\(.key) \(.value.original.owner) \(.value.original.repo) \(.value.original.ref)" + ') - # Extract current version from flake.nix - CURRENT_VERSION=$(grep 'anomalyco/opencode' flake.nix | grep -oP 'v\K[0-9.]+') + echo "Discovered version-pinned inputs:" + echo "$VERSIONED_INPUTS" + echo "::endgroup::" - echo "Current opencode version: $CURRENT_VERSION" - echo "Latest opencode version: $LATEST_RELEASE" + UPDATED_INPUTS="" + FAILED_INPUTS="" - # Check if update is needed - if [ "$LATEST_RELEASE" != "$CURRENT_VERSION" ]; then - echo "🔄 Updating opencode from $CURRENT_VERSION to $LATEST_RELEASE" + # Update each version-pinned input + while read -r INPUT_NAME OWNER REPO CURRENT_REF; do + [ -z "$INPUT_NAME" ] && continue - # Update flake.nix with new version - sed -i 's|url = "github:anomalyco/opencode/v.*"|url = "github:anomalyco/opencode/v'"$LATEST_RELEASE"'"|' flake.nix + echo "::group::Checking $INPUT_NAME ($OWNER/$REPO)" - # Update flake lock to fetch new revision - nix flake update opencode + # Get latest stable release (exclude prereleases) + LATEST=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/$OWNER/$REPO/releases/latest" | \ + jq -r 'select(.prerelease == false) | .tag_name // empty') - # Format with alejandra + if [ -z "$LATEST" ]; then + echo "⚠️ No stable release found for $INPUT_NAME" + FAILED_INPUTS="$FAILED_INPUTS $INPUT_NAME(no-release)" + echo "::endgroup::" + continue + fi + + echo "Current: $CURRENT_REF | Latest: $LATEST" + + if [ "$LATEST" != "$CURRENT_REF" ]; then + echo "Updating $INPUT_NAME from $CURRENT_REF to $LATEST" + + # Update flake.nix + sed -i "s|github:$OWNER/$REPO/[^\"']*|github:$OWNER/$REPO/$LATEST|g" flake.nix + + # Update flake.lock for this input + if nix flake update "$INPUT_NAME" 2>&1 | tee /tmp/input-update.log; then + UPDATED_INPUTS="$UPDATED_INPUTS $INPUT_NAME($LATEST)" + echo "✅ Updated $INPUT_NAME to $LATEST" + else + echo "❌ Failed to update $INPUT_NAME" + FAILED_INPUTS="$FAILED_INPUTS $INPUT_NAME(update-failed)" + git checkout flake.nix flake.lock 2>/dev/null || true + fi + else + echo "✓ $INPUT_NAME is already up to date" + fi + echo "::endgroup::" + done <<< "$VERSIONED_INPUTS" + + echo "::group::Updating non-version-pinned inputs" + # Update all non-version-pinned inputs (branches, no-ref) + nix flake update + echo "::endgroup::" + + # Check if we have any changes + if [ -n "$(git status --porcelain flake.nix flake.lock)" ]; then + echo "::group::Committing flake input updates" nix fmt flake.nix - - # Verify the update - echo "::endgroup::" - echo "::group::Verifying opencode update" - - # Run flake check - if ! nix flake check; then - echo "❌ Flake check failed after opencode update" - git checkout flake.nix flake.lock - exit 1 - fi - - # Build opencode package - if ! nix build .#opencode 2>&1 | tee /tmp/opencode-build.log; then - echo "❌ Build failed for opencode" - git checkout flake.nix flake.lock - exit 1 - fi - - echo "✅ Flake check passed" - echo "✅ Build successful for opencode" - echo "::endgroup::" - - # Commit the change - echo "::group::Committing opencode update" git add flake.nix flake.lock - git commit -m "chore: update opencode flake input to $LATEST_RELEASE" - echo "opencode_update=true" >> $GITHUB_OUTPUT - echo "opencode_version=${LATEST_RELEASE}" >> $GITHUB_OUTPUT + COMMIT_MSG="chore: update flake inputs" + [ -n "$UPDATED_INPUTS" ] && COMMIT_MSG="$COMMIT_MSG - $(echo $UPDATED_INPUTS | tr ' ' ', ')" + + git commit -m "$COMMIT_MSG" + echo "flake_inputs_updated=true" >> $GITHUB_OUTPUT + echo "updated_inputs=${UPDATED_INPUTS# }" >> $GITHUB_OUTPUT + [ -n "$FAILED_INPUTS" ] && echo "failed_inputs=${FAILED_INPUTS# }" >> $GITHUB_OUTPUT echo "::endgroup::" - - echo "✅ Updated opencode to $LATEST_RELEASE" else - echo "✓ opencode is already up to date" - echo "opencode_update=false" >> $GITHUB_OUTPUT - echo "opencode_version=${CURRENT_VERSION}" >> $GITHUB_OUTPUT - echo "::endgroup::" + echo "flake_inputs_updated=false" >> $GITHUB_OUTPUT fi - name: Check Prerequisites @@ -162,9 +181,9 @@ jobs: echo "::group::Updating $pkg" - local args=("--flake" "--commit" "--use-github-releases") + local args=("--flake" "--commit" "--use-github-releases" "--use-update-script") - args+=("$pkg") + args+=("$pkg") if nix-update "${args[@]}" 2>&1 | tee /tmp/update-${pkg}.log; then if [ "$(check_commit "$before_hash")" = "true" ]; then @@ -251,7 +270,7 @@ jobs: fi - name: Verify Builds - if: steps.update.outputs.has_updates == 'true' || steps.update-opencode.outputs.opencode_update == 'true' + if: steps.update.outputs.has_updates == 'true' || steps.update-flake-inputs.outputs.flake_inputs_updated == 'true' run: | cd "$REPO_DIR" @@ -303,16 +322,17 @@ jobs: echo "✅ All packages built successfully: ${SUCCESSFUL_PACKAGES[*]}" - name: Push Changes - if: steps.update.outputs.has_updates == 'true' || steps.update-opencode.outputs.opencode_update == 'true' + if: steps.update.outputs.has_updates == 'true' || steps.update-flake-inputs.outputs.flake_inputs_updated == 'true' run: | cd "$REPO_DIR" PACKAGES="${{ steps.update.outputs.updated_packages }}" - if [ "${{ steps.update-opencode.outputs.opencode_update }}" = "true" ]; then + if [ "${{ steps.update-flake-inputs.outputs.flake_inputs_updated }}" = "true" ]; then + UPDATED_INPUTS="${{ steps.update-flake-inputs.outputs.updated_inputs }}" if [ -n "$PACKAGES" ]; then - PACKAGES="$PACKAGES, opencode" + PACKAGES="$PACKAGES, flake inputs ($UPDATED_INPUTS)" else - PACKAGES="opencode" + PACKAGES="flake inputs ($UPDATED_INPUTS)" fi fi @@ -370,12 +390,22 @@ jobs: echo "\`${{ steps.update.outputs.updated_packages }}\`" >> $GITHUB_STEP_SUMMARY fi - if [ "${{ steps.update-opencode.outputs.opencode_update }}" = "true" ]; then + if [ "${{ steps.update-flake-inputs.outputs.flake_inputs_updated }}" = "true" ]; then HAS_UPDATES="true" echo "" >> $GITHUB_STEP_SUMMARY - echo "## Updated Flake Input" >> $GITHUB_STEP_SUMMARY + echo "## Updated Flake Inputs" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY - echo "- **opencode**: \`v${{ steps.update-opencode.outputs.opencode_version }}\`" >> $GITHUB_STEP_SUMMARY + for input in ${{ steps.update-flake-inputs.outputs.updated_inputs }}; do + echo "- **$input**" >> $GITHUB_STEP_SUMMARY + done + if [ -n "${{ steps.update-flake-inputs.outputs.failed_inputs }}" ]; then + echo "" >> $GITHUB_STEP_SUMMARY + echo "### Failed Inputs" >> $GITHUB_STEP_SUMMARY + echo "" >> $GITHUB_STEP_SUMMARY + for input in ${{ steps.update-flake-inputs.outputs.failed_inputs }}; do + echo "- $input" >> $GITHUB_STEP_SUMMARY + done + fi fi if [ "$HAS_UPDATES" = "true" ]; then