Stream: nix

Topic: `flake.lock` auto-merge on GitHub


view this post on Zulip Srid (May 26 2024 at 15:26):

@Shivaraj B H https://github.com/DeterminateSystems/update-flake-lock/issues/89#issuecomment-1994167887

view this post on Zulip Shivaraj B H (May 27 2024 at 18:47):

I tried it out here: https://github.com/shivaraj-bh/services-flake/pull/14

This is the action configuration: https://github.com/shivaraj-bh/services-flake/blob/main/.github/workflows/update-flake-lock-ex-simple.yaml

If we use a github app, we wouldn’t have to manually trigger the CI workflow. How about creating a nixos.asia github app for automated tasks?

view this post on Zulip Srid (May 27 2024 at 18:49):

Shivaraj B H said:

How about creating a nixos.asia github app for automated tasks?

Sure. As you are an owner, you should have rights to create it.

By the way, take notes - so we can publish a tutorial on #website

view this post on Zulip Srid (May 27 2024 at 18:49):

(Or pass those notes to me here, so I can test it -- say for haskell-flake -- and create a formal tutorial)

view this post on Zulip Shivaraj B H (May 28 2024 at 07:40):

Created the Github App: https://github.com/apps/nixos-asia

view this post on Zulip Shivaraj B H (May 28 2024 at 08:15):

Notes

Create the Github App

Install the App and configure secrets

Use the App in your CI workflow
See example: https://github.com/juspay/services-flake/commit/d6ed5ef580698b9f207e32813b476fc59942aaf8

view this post on Zulip Shivaraj B H (May 28 2024 at 08:54):

And I manually triggered a workflow to see if it works and it did with no manual intervention: https://github.com/juspay/services-flake/pull/201

view this post on Zulip Shivaraj B H (May 28 2024 at 09:37):

Another additional feature: Auto delete the branch after merge

view this post on Zulip Shivaraj B H (May 28 2024 at 11:42):

Shivaraj B H said:

Another additional feature: Auto delete the branch after merge

Strange, that didn’t work here: https://github.com/juspay/services-flake/pull/202

But the Github documentation says that it should work:
Screenshot-2024-05-28-at-5.12.17PM.png
source: https://cli.github.com/manual/gh_pr_merge

view this post on Zulip Shivaraj B H (May 28 2024 at 11:49):

Ah, the default GITHUB_TOKEN doesn’t have permission to delete a branch: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

view this post on Zulip Shivaraj B H (May 28 2024 at 11:55):

Looks like the permission can be modified for a given job: https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs


Last updated: Nov 13 2024 at 12:32 UTC