thomas/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0f5f6f36948573448f2502e355ffa66b1124ee66
nixos-config/.gitea/workflows/zen-browser-update.yml
T

145 lines
4.6 KiB
YAML
Raw Blame History

name: zen browser update
on:
schedule:
- cron: "20 6 * * *"
workflow_dispatch:
jobs:
update-zen-browser:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: install nix
uses: cachix/install-nix-action@v27
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: check latest zen browser release and update file
id: update
shell: bash
run: |
set -euo pipefail
FILE="modules/pkgs/zen-browser.nix"
current_version=$(python - <<'PY'
import re
s=open('modules/pkgs/zen-browser.nix').read()
m=re.search(r'version\s*=\s*"([^"]+)";', s)
print(m.group(1) if m else "")
PY
)
latest_version=$(curl -fsSLI -o /dev/null -w '%{url_effective}' \
'https://github.com/zen-browser/desktop/releases/latest' \
| sed -E 's#.*/##' \
| sed 's/^v//')
echo "current=$current_version"
echo "latest=$latest_version"
if [ -z "$latest_version" ] || [ "$latest_version" = "$current_version" ]; then
echo "updated=false" >> "$GITHUB_OUTPUT"
exit 0
fi
url="https://github.com/zen-browser/desktop/releases/download/${latest_version}/zen-x86_64.AppImage"
new_hash=$(nix store prefetch-file --json "$url" | python -c 'import json,sys; print(json.load(sys.stdin)["hash"])')
export LATEST_VERSION="$latest_version"
export NEW_HASH="$new_hash"
python - <<PY
import re
import os
p='modules/pkgs/zen-browser.nix'
s=open(p).read()
s=re.sub(r'version\s*=\s*"[^"]+"', f'version = "{os.environ["LATEST_VERSION"]}"', s, count=1)
s=re.sub(r'hash\s*=\s*"[^"]+"', f'hash = "{os.environ["NEW_HASH"]}"', s, count=1)
open(p,'w').write(s)
PY
echo "updated=true" >> "$GITHUB_OUTPUT"
echo "version=$latest_version" >> "$GITHUB_OUTPUT"
- name: create branch and commit
if: steps.update.outputs.updated == 'true'
shell: bash
run: |
set -euo pipefail
branch="bot/zen-browser-${{ steps.update.outputs.version }}"
git config user.name "gitea actions"
git config user.email "actions@localhost"
git checkout -B "$branch"
git add modules/pkgs/zen-browser.nix
git commit -m "update zen browser to ${{ steps.update.outputs.version }}"
git push --force origin "$branch"
- name: open pull request
if: steps.update.outputs.updated == 'true'
env:
GITEA_TOKEN: ${{ secrets.tea_token || secrets.TEA_TOKEN }}
shell: bash
run: |
set -euo pipefail
api="https://gitea.unrail.xyz/api/v1/repos/thomas/nixos-config"
branch="bot/zen-browser-${{ steps.update.outputs.version }}"
if [ -z "${GITEA_TOKEN:-}" ]; then
echo "GITEA_TOKEN is empty (check repo secret tea_token/TEA_TOKEN)"
exit 1
fi
existing=$(curl -fsS \
-H "Authorization: token ${GITEA_TOKEN}" \
"${api}/pulls?state=open" \
| python -c 'import json,sys; d=json.load(sys.stdin); b="'"$branch"'"; print(next((str(pr["number"]) for pr in d if isinstance(pr,dict) and pr.get("head",{}).get("ref")==b), ""))')
if [ -n "$existing" ]; then
echo "PR already exists: #$existing"
exit 0
fi
echo "Creating PR..."
created="false"
for head in "${branch}" "thomas:${branch}"; do
echo "Trying head=${head}"
response=$(curl -sS -w '\n%{http_code}' -X POST \
-H "Authorization: token ${GITEA_TOKEN}" \
-H "Content-Type: application/json" \
"${api}/pulls" \
-d "$(cat <<JSON
{
"title": "update zen browser to ${{ steps.update.outputs.version }}",
"head": "${head}",
"base": "main",
"body": "automated update of zen browser appimage version and hash"
}
JSON
)")
body=$(printf '%s\n' "$response" | sed '$d')
code=$(printf '%s\n' "$response" | tail -n1)
echo "Create PR status: $code"
echo "$body"
if [ "$code" -ge 200 ] && [ "$code" -lt 300 ]; then
created="true"
break
fi
done
if [ "$created" != "true" ]; then
echo "PR creation failed"
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink