m3tam3re/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: improve nix-update workflow and update packages

Browse Source 
- Refactor nix-update.yml: push directly to master instead of PRs
- Add skip list for packages without upstream releases
- Add opencode subpackage handling for node_modules
- Add nix-update-script to beads, code2prompt, mem0
- Update mem0: 1.0.0 -> 1.0.2
- Update opencode: 1.1.18 -> 1.1.25
- Fix n8n tag format
- Add n8n update.sh helper script
This commit is contained in:
m3tm3re
2026-01-18 11:04:33 +01:00
parent 52d8cdee11
commit f64e6983ea
8 changed files with 160 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

260
.gitea/workflows/nix-update.yml
View File

@@ -2,201 +2,203 @@ name: Update Nix Packages with nix-update
on:
schedule:
- cron: '0 2 * * *'
workflow_dispatch: # Allow manual triggering
- cron: "0 2,14 * * *" # Every 12 hours at 2 AM and 2 PM
workflow_dispatch:
inputs:
package:
description: 'Specific package to update (optional)'
description: "Specific package to update (optional)"
required: false
type: string
concurrency:
group: nix-update-${{ github.ref }}
cancel-in-progress: true
env:
GIT_AUTHOR_NAME: 'nix-update bot'
GIT_AUTHOR_EMAIL: 'bot@m3ta.dev'
GIT_COMMITTER_NAME: 'nix-update bot'
GIT_COMMITTER_EMAIL: 'bot@m3ta.dev'
GIT_AUTHOR_NAME: "nix-update bot"
GIT_AUTHOR_EMAIL: "bot@m3ta.dev"
GIT_COMMITTER_NAME: "nix-update bot"
GIT_COMMITTER_EMAIL: "bot@m3ta.dev"
REPO_DIR: "/tmp/nixpkgs"
SKIP_PACKAGES: "hyprpaper-random launch-webapp stt-ptt tuxedo-backlight zellij-ps msty-studio rofi-project-opener pomodoro-timer"
jobs:
nix-update:
runs-on: nixos
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.NIX_UPDATE_TOKEN }}
- name: Check for available packages to update
id: check-packages
- name: Setup Environment and Authenticate
run: |
echo "Found packages in pkgs/ directory:"
ls -1 pkgs/ | grep -v default.nix | grep -v AGENTS.md || echo "No package directories found"
if [ -d "$REPO_DIR" ]; then rm -rf "$REPO_DIR"; fi
git config --global credential.helper store
echo "https://m3tam3re:${{ secrets.NIX_UPDATE_TOKEN }}@code.m3ta.dev" > ~/.git-credentials
chmod 600 ~/.git-credentials
git config --global user.name "$GIT_AUTHOR_NAME"
git config --global user.email "$GIT_AUTHOR_EMAIL"
git config --global init.defaultBranch master
- name: Checkout Repository
run: |
git clone --no-single-branch \
"https://m3tam3re@code.m3ta.dev/m3tam3re/nixpkgs.git" \
"$REPO_DIR"
- name: Check Prerequisites
id: check
run: |
cd "$REPO_DIR"
if [ ! -d "pkgs" ]; then
echo "❌ Error: 'pkgs' directory not found."
exit 1
fi
# Check if flake.nix exists
if [ -f "flake.nix" ]; then
echo "✓ Found flake.nix"
echo "has_flake=true" >> $GITHUB_OUTPUT
else
echo "✗ No flake.nix found"
echo "has_flake=false" >> $GITHUB_OUTPUT
fi
- name: Setup git config
run: |
git config --global user.name "${{ env.GIT_AUTHOR_NAME }}"
git config --global user.email "${{ env.GIT_AUTHOR_EMAIL }}"
git config --global init.defaultBranch master
- name: Update packages
- name: Update Packages
id: update
run: |
cd "$REPO_DIR"
set -e
# Create timestamp for branch naming
TIMESTAMP=$(date +%Y%m%d-%H%M%S)
BRANCH_NAME="nix-update-${TIMESTAMP}"
git checkout master
# Create and checkout new branch
git checkout -b "${BRANCH_NAME}"
# Track if any packages were updated
UPDATES_FOUND=false
UPDATED_PACKAGES=""
# Check if specific package was requested
check_commit() {
[ "$1" != "$(git rev-parse HEAD)" ] && echo "true" || echo "false"
}
should_skip() {
local pkg=$1
for skip in $SKIP_PACKAGES; do
[ "$pkg" = "$skip" ] && return 0
done
return 1
}
run_update() {
local pkg=$1
local before_hash=$(git rev-parse HEAD)
if should_skip "$pkg"; then
echo "⏭️ Skipping $pkg (in skip list)"
return 1
fi
echo "::group::Updating $pkg"
local args=("--flake" "--commit")
if [ "$pkg" = "opencode" ]; then
args+=("--subpackage" "node_modules")
fi
args+=("$pkg")
if nix-update "${args[@]}" 2>&1 | tee /tmp/update-${pkg}.log; then
if [ "$(check_commit "$before_hash")" = "true" ]; then
echo "✅ Updated $pkg"
echo "::endgroup::"
return 0
fi
fi
echo "::endgroup::"
if ! grep -q "already up to date\|No new version found" /tmp/update-${pkg}.log; then
echo "⚠️ Update failed for $pkg"
fi
return 1
}
if [ -n "${{ inputs.package }}" ]; then
echo "Updating specific package: ${{ inputs.package }}"
if [ -d "pkgs/${{ inputs.package }}" ]; then
if nix-update --flake --commit "${{ inputs.package }}" 2>&1 | tee /tmp/update.log; then
UPDATES_FOUND=true
UPDATED_PACKAGES="${{ inputs.package }}"
echo "✓ Updated ${{ inputs.package }}"
else
echo " Package ${{ inputs.package }} update failed or not needed"
cat /tmp/update.log
fi
pkg="${{ inputs.package }}"
if [ -d "pkgs/$pkg" ]; then
if run_update "$pkg"; then
UPDATES_FOUND=true
UPDATED_PACKAGES="$pkg"
fi
else
echo " Package directory pkgs/${{ inputs.package }} not found"
echo " Package 'pkgs/$pkg' not found"
fi
else
echo "Checking all packages for updates..."
# Get list of package directories (exclude default.nix and AGENTS.md)
PACKAGES=$(find pkgs -mindepth 1 -maxdepth 1 -type d -not -name default.nix -not -name AGENTS.md -exec basename {} \; 2>/dev/null | sort)
PACKAGES=$(find pkgs -mindepth 1 -maxdepth 1 -type d -exec basename {} \; 2>/dev/null | sort)
if [ -z "$PACKAGES" ]; then
echo "No packages found to update"
echo "has_updates=false" >> $GITHUB_OUTPUT
exit 0
fi
# Update each package
for pkg in $PACKAGES; do
echo ""
echo "━━━ Checking $pkg ━━━"
if nix-update --flake --commit "$pkg" 2>&1 | tee /tmp/update-${pkg}.log; then
UPDATES_FOUND=true
UPDATED_PACKAGES="${UPDATED_PACKAGES}, $pkg"
echo "✓ Updated $pkg"
else
# Check if it was actually an update or just "already up to date"
if grep -q "already up to date\|No new version found" /tmp/update-${pkg}.log; then
echo " $pkg already up to date"
else
echo "⚠️ Update check for $pkg failed:"
cat /tmp/update-${pkg}.log
fi
if run_update "$pkg"; then
UPDATES_FOUND=true
UPDATED_PACKAGES="${UPDATED_PACKAGES}, $pkg"
fi
done
fi
# Remove trailing comma from package list
UPDATED_PACKAGES=$(echo "$UPDATED_PACKAGES" | sed 's/^, //')
COMMIT_COUNT=$(git rev-list --count origin/master..HEAD)
# Check if there are any changes
if [ "$UPDATES_FOUND" = "true" ]; then
echo ""
echo "━━━ Summary ━━━"
echo "✓ Package updates found: $UPDATED_PACKAGES"
if [ "$COMMIT_COUNT" -gt 0 ]; then
echo "✅ $COMMIT_COUNT updates committed locally."
echo "has_updates=true" >> $GITHUB_OUTPUT
echo "updated_packages=${UPDATED_PACKAGES}" >> $GITHUB_OUTPUT
echo "branch_name=${BRANCH_NAME}" >> $GITHUB_OUTPUT
# Check if there are actual git changes
if git diff-index --quiet HEAD --; then
echo "⚠️ No actual git changes detected despite nix-update success"
echo "has_updates=false" >> $GITHUB_OUTPUT
else
echo "✓ Git changes detected"
git status
fi
else
echo ""
echo "━━━ Summary ━━━"
echo " No package updates found"
echo " No updates found."
echo "has_updates=false" >> $GITHUB_OUTPUT
# Switch back to master if no updates
git checkout master
git branch -D "${BRANCH_NAME}" 2>/dev/null || true
fi
- name: Verify packages build
- name: Verify Builds
if: steps.update.outputs.has_updates == 'true'
run: |
PACKAGES="${{ steps.update.outputs.updated_packages }}"
echo "Verifying builds for: $PACKAGES"
# Parse comma-separated package list
IFS=', ' read -ra PKG_ARRAY <<< "$PACKAGES"
for pkg in "${PKG_ARRAY[@]}"; do
echo "━━━ Building $pkg ━━━"
if nix build .#$pkg; then
echo "✓ $pkg built successfully"
else
echo "❌ Build failed for $pkg"
cd "$REPO_DIR"
IFS=', ' read -ra PKGS <<< "${{ steps.update.outputs.updated_packages }}"
for pkg in "${PKGS[@]}"; do
echo "Building $pkg..."
if ! nix build .#$pkg; then
echo " Build failed for $pkg. Aborting push."
exit 1
fi
echo "✓ Build successful"
done
- name: Push branch and create pull request
- name: Push Changes
if: steps.update.outputs.has_updates == 'true'
run: |
BRANCH="${{ steps.update.outputs.branch_name }}"
cd "$REPO_DIR"
PACKAGES="${{ steps.update.outputs.updated_packages }}"
echo "Checking for dirty state..."
git status --porcelain
git reset --hard HEAD
echo "Pushing branch ${BRANCH}..."
echo "Pulling latest changes (rebase)..."
git pull --rebase origin master
# Push the branch
git push origin "${BRANCH}" || (git fetch origin "${BRANCH}" 2>/dev/null && git push origin "${BRANCH}" --force)
echo "Pushing changes to master..."
git push origin master
echo "✓ Successfully pushed updates for: $PACKAGES"
echo "Creating pull request..."
# Create pull request using tea CLI
wget -q https://dl.gitea.com/tea/latest/tea-linux-amd64 -O /tmp/tea
chmod +x /tmp/tea
# Get commit messages for PR description
COMMITS=$(git log origin/master..origin/"${BRANCH}" --pretty=format:"%h %s" | sed 's/^/- /')
# Create PR
/tmp/tea pr create \
--head "${BRANCH}" \
--base master \
--title "chore: update packages with nix-update" \
--body "Automated package updates using nix-update.\n\nUpdated packages:\n${PACKAGES}\n\nCommits:\n${COMMITS}" \
--assignees m3tam3re \
--labels automated-update || echo "Failed to create PR. Please create manually."
echo "✓ Pull request created or branch pushed: ${BRANCH}"
- name: Cleanup
if: always()
run: |
rm -f ~/.git-credentials
rm -rf "$REPO_DIR"
rm -f /tmp/update-*.log
- name: Summary
if: always()
run: |
echo "━━━ Workflow Summary ━━━"
if [ "${{ steps.update.outputs.has_updates }}" = "true" ]; then
echo "✅ Successfully updated packages"
echo "Branch: ${{ steps.update.outputs.branch_name }}"
echo "Packages: ${{ steps.update.outputs.updated_packages }}"
echo "✅ Successfully updated and pushed: ${{ steps.update.outputs.updated_packages }}"
else
echo " No package updates needed or found"
echo " No updates required."
fi