Update Dorion #24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Dorion | |
| on: | |
| schedule: | |
| - cron: "0 0 */2 * *" # Every 2 days | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| update-dorion: | |
| name: Update Dorion | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 4 | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4.2.2 | |
| with: | |
| fetch-depth: 1 | |
| - uses: DeterminateSystems/nix-installer-action@v16 | |
| - name: Validate workspace | |
| run: | | |
| set -euo pipefail | |
| if [[ ! -f "pkgs/dorion.nix" ]]; then | |
| echo "::error::pkgs/dorion.nix not found" | |
| exit 1 | |
| fi | |
| echo "::notice::Workspace validation passed" | |
| - name: Get old version | |
| id: old-version | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| echo "::group::Extracting current version" | |
| if ! OLD_VERSION=$(perl -ne 'print $1 if /^\s*version\s*=\s*"([^"]+)";/' pkgs/dorion.nix 2>&1); then | |
| echo "::error::Failed to extract current version from dorion.nix" | |
| exit 1 | |
| fi | |
| if [[ -z "$OLD_VERSION" ]]; then | |
| echo "::error::No version found in dorion.nix" | |
| exit 1 | |
| fi | |
| echo "::notice::Current version: $OLD_VERSION" | |
| echo "version=$OLD_VERSION" >> $GITHUB_OUTPUT | |
| echo "::endgroup::" | |
| - name: Update Dorion | |
| id: update | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| echo "::group::Building update script" | |
| if ! nix build --impure --expr 'let pkgs = import <nixpkgs> { config.allowUnfree = true; }; in (pkgs.callPackage ./pkgs/dorion.nix {}).passthru.updateScript' 2>&1; then | |
| echo "::error::Failed to build the update script" | |
| exit 1 | |
| fi | |
| echo "::endgroup::" | |
| echo "::group::Running update script" | |
| if ! timeout 480 ./result/bin/dorion-update 2>&1; then | |
| echo "::error::Update script failed or timed out" | |
| exit 1 | |
| fi | |
| echo "::notice::Dorion update script completed successfully" | |
| echo "::endgroup::" | |
| rm -f ./result | |
| - name: Get new version | |
| id: new-version | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| echo "::group::Extracting updated version" | |
| if ! NEW_VERSION=$(perl -ne 'print $1 if /^\s*version\s*=\s*"([^"]+)";/' pkgs/dorion.nix 2>&1); then | |
| echo "::error::Failed to extract updated version from dorion.nix" | |
| exit 1 | |
| fi | |
| if [[ -z "$NEW_VERSION" ]]; then | |
| echo "::error::No version found in updated dorion.nix" | |
| exit 1 | |
| fi | |
| echo "::notice::Updated version: $NEW_VERSION" | |
| echo "version=$NEW_VERSION" >> $GITHUB_OUTPUT | |
| echo "::endgroup::" | |
| - name: Test Build | |
| env: | |
| NIXPKGS_ALLOW_UNFREE: 1 | |
| run: | | |
| set -euo pipefail | |
| echo "::group::Testing build" | |
| echo "::notice::Testing dorion build..." | |
| if ! timeout 300 nix-build -E "let pkgs = import <nixpkgs> {}; in pkgs.callPackage ./pkgs/dorion.nix {}" 2>&1; then | |
| echo "::error::Build failed" | |
| exit 1 | |
| fi | |
| echo "::notice::Build test successful" | |
| rm -f result | |
| echo "::endgroup::" | |
| - name: Check for changes | |
| id: check-changes | |
| run: | | |
| set -euo pipefail | |
| if [[ "${{ steps.old-version.outputs.version }}" == "${{ steps.new-version.outputs.version }}" ]]; then | |
| echo "::notice::No version changes detected" | |
| echo "has_changes=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "::notice::Version changed: ${{ steps.old-version.outputs.version }} -> ${{ steps.new-version.outputs.version }}" | |
| echo "has_changes=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Commit changes | |
| if: success() && steps.check-changes.outputs.has_changes == 'true' | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| set -euo pipefail | |
| echo "::group::Preparing commit" | |
| git config --global user.name 'github-actions[bot]' | |
| git config --global user.email 'github-actions[bot]@users.noreply.github.com' | |
| if [[ -n "$(git status --porcelain pkgs/dorion.nix)" ]]; then | |
| echo "::notice::Changes detected, committing..." | |
| git add pkgs/dorion.nix | |
| git commit -m "github: update dorion ${{ steps.old-version.outputs.version }} -> ${{ steps.new-version.outputs.version }}" | |
| echo "::endgroup::" | |
| echo "::group::Pushing changes" | |
| echo "::notice::Pushing changes with retry logic..." | |
| for attempt in {1..5}; do | |
| echo "::debug::Push attempt $attempt/5" | |
| if git fetch origin 2>&1 && \ | |
| git pull --rebase origin ${{ github.ref_name }} 2>&1 && \ | |
| git push origin HEAD:${{ github.ref_name }} 2>&1; then | |
| echo "::notice::Successfully pushed changes on attempt $attempt" | |
| break | |
| fi | |
| if [[ $attempt == 5 ]]; then | |
| echo "::error::Failed to push after 5 attempts" | |
| exit 1 | |
| fi | |
| echo "::warning::Push attempt $attempt failed, retrying in $((attempt * 2)) seconds..." | |
| sleep $((attempt * 2)) | |
| done | |
| echo "::endgroup::" | |
| else | |
| echo "::notice::No changes to commit" | |
| fi |