m3tam3re/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ci): dynamic flake input discovery and updateScript support

Browse Source 
- Replace hardcoded opencode update step with dynamic discovery of all
  version-pinned flake inputs via nix flake metadata --json
- Add --use-update-script flag to nix-update command so packages with
  custom passthru.updateScript (like n8n) use their custom scripts
- Update output variables from update-opencode to update-flake-inputs
- Update Summary step to reflect new generic flake input handling
This commit is contained in:
m3tm3re
2026-02-20 07:51:21 +01:00
parent 58312b2ca2
commit f05865972b
1 changed files with 91 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

152
.gitea/workflows/nix-update.yml
View File

@@ -52,72 +52,91 @@ jobs:
"https://m3tam3re@code.m3ta.dev/m3tam3re/nixpkgs.git" \
"$REPO_DIR"
- name: Update opencode Flake Input
id: update-opencode
- name: Update All Flake Inputs
id: update-flake-inputs
run: |
cd "$REPO_DIR"
echo "::group::Checking for opencode updates"
echo "::group::Discovering version-pinned flake inputs"
# Get latest release from GitHub API (strip v prefix for comparison)
LATEST_RELEASE=$(curl -s "https://api.github.com/repos/anomalyco/opencode/releases/latest" | jq -r '.tag_name' | sed 's/^v//')
# Get GitHub inputs with version refs (e.g., v1.2.9)
VERSIONED_INPUTS=$(nix flake metadata --json | jq -r '
.locks.nodes | to_entries[] |
select(.value.original.type == "github") |
select(.value.original.ref != null) |
select(.value.original.ref | test("^v?[0-9]+\\.[0-9]+")) |
"\(.key) \(.value.original.owner) \(.value.original.repo) \(.value.original.ref)"
')
# Extract current version from flake.nix
CURRENT_VERSION=$(grep 'anomalyco/opencode' flake.nix | grep -oP 'v\K[0-9.]+')
echo "Current opencode version: $CURRENT_VERSION"
echo "Latest opencode version: $LATEST_RELEASE"
# Check if update is needed
if [ "$LATEST_RELEASE" != "$CURRENT_VERSION" ]; then
echo "🔄 Updating opencode from $CURRENT_VERSION to $LATEST_RELEASE"
# Update flake.nix with new version
sed -i 's|url = "github:anomalyco/opencode/v.*"|url = "github:anomalyco/opencode/v'"$LATEST_RELEASE"'"|' flake.nix
# Update flake lock to fetch new revision
nix flake update opencode
# Format with alejandra
nix fmt flake.nix
# Verify the update
echo "Discovered version-pinned inputs:"
echo "$VERSIONED_INPUTS"
echo "::endgroup::"
echo "::group::Verifying opencode update"
# Run flake check
if ! nix flake check; then
echo "❌ Flake check failed after opencode update"
git checkout flake.nix flake.lock
exit 1
UPDATED_INPUTS=""
FAILED_INPUTS=""
# Update each version-pinned input
while read -r INPUT_NAME OWNER REPO CURRENT_REF; do
[ -z "$INPUT_NAME" ] && continue
echo "::group::Checking $INPUT_NAME ($OWNER/$REPO)"
# Get latest stable release (exclude prereleases)
LATEST=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
"https://api.github.com/repos/$OWNER/$REPO/releases/latest" | \
jq -r 'select(.prerelease == false) | .tag_name // empty')
if [ -z "$LATEST" ]; then
echo "⚠️ No stable release found for $INPUT_NAME"
FAILED_INPUTS="$FAILED_INPUTS $INPUT_NAME(no-release)"
echo "::endgroup::"
continue
fi
# Build opencode package
if ! nix build .#opencode 2>&1 | tee /tmp/opencode-build.log; then
echo "❌ Build failed for opencode"
git checkout flake.nix flake.lock
exit 1
fi
echo "Current: $CURRENT_REF | Latest: $LATEST"
echo "✅ Flake check passed"
echo "✅ Build successful for opencode"
echo "::endgroup::"
if [ "$LATEST" != "$CURRENT_REF" ]; then
echo "Updating $INPUT_NAME from $CURRENT_REF to $LATEST"
# Commit the change
echo "::group::Committing opencode update"
git add flake.nix flake.lock
git commit -m "chore: update opencode flake input to $LATEST_RELEASE"
# Update flake.nix
sed -i "s|github:$OWNER/$REPO/[^\"']*|github:$OWNER/$REPO/$LATEST|g" flake.nix
echo "opencode_update=true" >> $GITHUB_OUTPUT
echo "opencode_version=${LATEST_RELEASE}" >> $GITHUB_OUTPUT
echo "::endgroup::"
echo "✅ Updated opencode to $LATEST_RELEASE"
# Update flake.lock for this input
if nix flake update "$INPUT_NAME" 2>&1 | tee /tmp/input-update.log; then
UPDATED_INPUTS="$UPDATED_INPUTS $INPUT_NAME($LATEST)"
echo "✅ Updated $INPUT_NAME to $LATEST"
else
echo "✓ opencode is already up to date"
echo "opencode_update=false" >> $GITHUB_OUTPUT
echo "opencode_version=${CURRENT_VERSION}" >> $GITHUB_OUTPUT
echo "❌ Failed to update $INPUT_NAME"
FAILED_INPUTS="$FAILED_INPUTS $INPUT_NAME(update-failed)"
git checkout flake.nix flake.lock 2>/dev/null || true
fi
else
echo "✓ $INPUT_NAME is already up to date"
fi
echo "::endgroup::"
done <<< "$VERSIONED_INPUTS"
echo "::group::Updating non-version-pinned inputs"
# Update all non-version-pinned inputs (branches, no-ref)
nix flake update
echo "::endgroup::"
# Check if we have any changes
if [ -n "$(git status --porcelain flake.nix flake.lock)" ]; then
echo "::group::Committing flake input updates"
nix fmt flake.nix
git add flake.nix flake.lock
COMMIT_MSG="chore: update flake inputs"
[ -n "$UPDATED_INPUTS" ] && COMMIT_MSG="$COMMIT_MSG - $(echo $UPDATED_INPUTS | tr ' ' ', ')"
git commit -m "$COMMIT_MSG"
echo "flake_inputs_updated=true" >> $GITHUB_OUTPUT
echo "updated_inputs=${UPDATED_INPUTS# }" >> $GITHUB_OUTPUT
[ -n "$FAILED_INPUTS" ] && echo "failed_inputs=${FAILED_INPUTS# }" >> $GITHUB_OUTPUT
echo "::endgroup::"
else
echo "flake_inputs_updated=false" >> $GITHUB_OUTPUT
fi
- name: Check Prerequisites
@@ -162,7 +181,7 @@ jobs:
echo "::group::Updating $pkg"
local args=("--flake" "--commit" "--use-github-releases")
local args=("--flake" "--commit" "--use-github-releases" "--use-update-script")
args+=("$pkg")
@@ -251,7 +270,7 @@ jobs:
fi
- name: Verify Builds
if: steps.update.outputs.has_updates == 'true' || steps.update-opencode.outputs.opencode_update == 'true'
if: steps.update.outputs.has_updates == 'true' || steps.update-flake-inputs.outputs.flake_inputs_updated == 'true'
run: |
cd "$REPO_DIR"
@@ -303,16 +322,17 @@ jobs:
echo "✅ All packages built successfully: ${SUCCESSFUL_PACKAGES[*]}"
- name: Push Changes
if: steps.update.outputs.has_updates == 'true' || steps.update-opencode.outputs.opencode_update == 'true'
if: steps.update.outputs.has_updates == 'true' || steps.update-flake-inputs.outputs.flake_inputs_updated == 'true'
run: |
cd "$REPO_DIR"
PACKAGES="${{ steps.update.outputs.updated_packages }}"
if [ "${{ steps.update-opencode.outputs.opencode_update }}" = "true" ]; then
if [ "${{ steps.update-flake-inputs.outputs.flake_inputs_updated }}" = "true" ]; then
UPDATED_INPUTS="${{ steps.update-flake-inputs.outputs.updated_inputs }}"
if [ -n "$PACKAGES" ]; then
PACKAGES="$PACKAGES, opencode"
PACKAGES="$PACKAGES, flake inputs ($UPDATED_INPUTS)"
else
PACKAGES="opencode"
PACKAGES="flake inputs ($UPDATED_INPUTS)"
fi
fi
@@ -370,12 +390,22 @@ jobs:
echo "\`${{ steps.update.outputs.updated_packages }}\`" >> $GITHUB_STEP_SUMMARY
fi
if [ "${{ steps.update-opencode.outputs.opencode_update }}" = "true" ]; then
if [ "${{ steps.update-flake-inputs.outputs.flake_inputs_updated }}" = "true" ]; then
HAS_UPDATES="true"
echo "" >> $GITHUB_STEP_SUMMARY
echo "## Updated Flake Input" >> $GITHUB_STEP_SUMMARY
echo "## Updated Flake Inputs" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "- **opencode**: \`v${{ steps.update-opencode.outputs.opencode_version }}\`" >> $GITHUB_STEP_SUMMARY
for input in ${{ steps.update-flake-inputs.outputs.updated_inputs }}; do
echo "- **$input**" >> $GITHUB_STEP_SUMMARY
done
if [ -n "${{ steps.update-flake-inputs.outputs.failed_inputs }}" ]; then
echo "" >> $GITHUB_STEP_SUMMARY
echo "### Failed Inputs" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
for input in ${{ steps.update-flake-inputs.outputs.failed_inputs }}; do
echo "- $input" >> $GITHUB_STEP_SUMMARY
done
fi
fi
if [ "$HAS_UPDATES" = "true" ]; then