forked from rfaulhaber/sfdx-nix
-
Notifications
You must be signed in to change notification settings - Fork 0
147 lines (119 loc) · 5.39 KB
/
update-version.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
name: Catch up the latest version
on:
schedule:
- cron: '0 0 * * 0' # Runs weekly on Sunday at midnight UTC
workflow_dispatch:
jobs:
update-cli:
runs-on: ubuntu-latest
env:
PR_NAME_PREFIX: "Update Salesforce CLI to"
steps:
- name: Checkout the repository
uses: actions/checkout@v4
- name: Set up Nix
uses: cachix/install-nix-action@v27
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Install prefetch-yarn-deps
run: nix-env -i prefetch-yarn-deps -f '<nixpkgs>'
- name: Get the latest version from the Salesforce CLI repo
id: get_version
run: |
latest_version=$(curl -sS --fail https://api.github.com/repos/salesforcecli/cli/releases/latest | jq -r .tag_name)
if [ -z "$latest_version" ]; then
echo "Failed to fetch latest version from salesforcecli repo"
exit 1
fi
echo "version=$latest_version" >> $GITHUB_ENV
- name: Get current version
run: |
current_version=$(grep 'version = ' flake.nix | sed -E 's/.*version = "([^"]+)".*/\1/')
if [ -z "$current_version" ]; then
echo "Failed to extract current version from flake.nix"
exit 1
fi
echo "Current version: $current_version"
echo "Latest version: ${{ env.version }}"
if [ "$current_version" = "${{ env.version }}" ]; then
echo "The latest version is the same as the current version ($current_version). No update needed."
echo "update_needed=false" >> $GITHUB_ENV
else
echo "update_needed=true" >> $GITHUB_ENV
fi
- name: Fetch new hashes
if: env.update_needed == 'true'
run: |
repo_code=$(nix-prefetch-url --unpack https://github.com/salesforcecli/cli/archive/refs/tags/$version.tar.gz)
echo "Repo code: $repo_code"
repo_hash=$(nix hash to-base64 --type sha256 $repo_code)
if [ -z "$repo_hash" ]; then
echo "Repo hash caculation got empty value."
exit 1
fi
echo "Repo hash: $repo_hash"
temp_dir=$(mktemp -d)
curl -sS -o "$temp_dir/yarn.lock" "https://raw.githubusercontent.com/salesforcecli/cli/$version/yarn.lock"
yarn_code=$(prefetch-yarn-deps "$temp_dir/yarn.lock")
echo "Yarn code: $yarn_code"
yarn_hash=$(nix hash to-base64 --type sha256 $yarn_code)
if [ -z "$yarn_hash" ]; then
echo "Yarn hash caculation got empty value."
exit 1
fi
echo "Yarn hash: $yarn_hash"
sed -i "s|version = \".*\";|version = \"$version\";|g" flake.nix
# Because we have two `hash = ` lines to update, we simplify with preassuming
# 1. Assume the first hash is for the repo hash
sed -i "0,/hash = \"sha256-[^\"]*\"/s|hash = \"sha256-[^\"]*\"|hash = \"sha256-$repo_hash\"|" flake.nix
# 2. Assume the second hash is for the yarn.lock hash
sed -i "0,/hash = \"sha256-[^\"]*\"/!s|hash = \"sha256-[^\"]*\"|hash = \"sha256-$yarn_hash\"|" flake.nix
if ! grep -q "version = \"$version\"" flake.nix || ! grep -q "hash = \"sha256-$repo_hash\"" flake.nix || ! grep -q "hash = \"sha256-$yarn_hash\"" flake.nix; then
echo "Failed to update flake.nix"
exit 1
fi
- name: Test result by installing
if: env.update_needed == 'true'
run: |
nix build
nix shell --command sh -c "echo 'Installing the new version successfully.'"
- name: Push to Cachix
if: env.update_needed == 'true'
uses: cachix/cachix-action@v14
with:
name: sfdx-nix
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- name: Check for existing PRs, close them, and delete branches
if: env.update_needed == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
existing_prs=$(gh pr list --state open --json number,title,headRefName --jq ".[] | select(.title | startswith(\"$PR_NAME_PREFIX\")) | {number: .number, branch: .headRefName}")
if [ ! -z "$existing_prs" ]; then
echo "Closing existing PRs and deleting branches:"
echo "$existing_prs" | while read -r pr; do
number=$(echo $pr | jq -r '.number')
branch=$(echo $pr | jq -r '.branch')
echo "Closing PR #$number and deleting branch $branch"
gh pr close $number --comment "Closing in favor of a new update PR."
gh api -X DELETE repos/{owner}/{repo}/git/refs/heads/$branch
done
fi
- name: Commit and create a PR
if: env.update_needed == 'true'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
git config --global user.name "github-actions[bot]"
git config --global user.email "github-actions[bot]@users.noreply.github.com"
git checkout -b update-cli-$version
git add flake.nix
git commit -m "Update Salesforce CLI to $version"
git push origin update-cli-$version
gh pr create --title "$PR_NAME_PREFIX $version" --body "This PR updates the Salesforce CLI to version $version." --base main --head update-cli-$version
- name: Approve PR
if: env.update_needed == 'true'
run: gh pr review --approve $(gh pr list --state open --json number --jq '.[0].number')
- name: Merge PR
if: env.update_needed == 'true'
run: gh pr merge --auto --squash $(gh pr list --state open --json number --jq '.[0].number')