Ci/gitea actions and renovate #3
@@ -0,0 +1,37 @@
|
||||
# Flake CI: formatting gate + evaluation of every host configuration.
|
||||
name: CI
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
flake:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Install Nix
|
||||
uses: cachix/install-nix-action@v30
|
||||
with:
|
||||
extra_nix_config: |
|
||||
experimental-features = nix-command flakes
|
||||
accept-flake-config = true
|
||||
|
||||
- name: Check formatting
|
||||
run: nix build --print-build-logs '.#checks.x86_64-linux.formatting'
|
||||
|
||||
# Evaluate (not build) each host's toplevel so eval errors fail CI cheaply.
|
||||
# aarch64 hosts evaluate fine on an x86_64 runner; only building would need
|
||||
# emulation, which we deliberately avoid here.
|
||||
- name: Evaluate host configurations
|
||||
run: |
|
||||
set -euo pipefail
|
||||
for host in lyrathorpe-mbp lyrathorpe-x1c emmathorpe-edaas; do
|
||||
echo "::group::eval $host"
|
||||
nix eval --raw ".#nixosConfigurations.$host.config.system.build.toplevel.drvPath"
|
||||
echo
|
||||
echo "::endgroup::"
|
||||
done
|
||||
@@ -0,0 +1,31 @@
|
||||
# Self-hosted Renovate. Gitea has no built-in Renovate, so it runs here on a
|
||||
# schedule (and on demand). Requires a repo/org secret RENOVATE_TOKEN holding a
|
||||
# Gitea PAT with read/write on this repository and read on packages.
|
||||
# If a central Renovate bot already autodiscovers this repo, delete this file;
|
||||
# renovate.json alone is enough to configure it.
|
||||
name: Renovate
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 4 * * 1" # Mondays 04:00 UTC
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
renovate:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Run Renovate
|
||||
uses: renovatebot/github-action@v40.3.6
|
||||
with:
|
||||
configurationFile: renovate.json
|
||||
token: ${{ secrets.RENOVATE_TOKEN }}
|
||||
env:
|
||||
RENOVATE_PLATFORM: gitea
|
||||
RENOVATE_ENDPOINT: ${{ env.GITHUB_SERVER_URL }}/api/v1
|
||||
RENOVATE_AUTODISCOVER: "false"
|
||||
RENOVATE_REPOSITORIES: ${{ github.repository }}
|
||||
RENOVATE_GIT_AUTHOR: "Renovate Bot <renovate@lyrathorpe.dev>"
|
||||
LOG_LEVEL: info
|
||||
@@ -0,0 +1,30 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended",
|
||||
":dependencyDashboard",
|
||||
":semanticCommits"
|
||||
],
|
||||
"nix": {
|
||||
"enabled": true
|
||||
},
|
||||
"lockFileMaintenance": {
|
||||
"enabled": true,
|
||||
"schedule": ["before 6am on monday"]
|
||||
},
|
||||
"git-submodules": {
|
||||
"enabled": false
|
||||
},
|
||||
"packageRules": [
|
||||
{
|
||||
"description": "Group all flake input bumps from lockFileMaintenance into one PR.",
|
||||
"matchManagers": ["nix"],
|
||||
"groupName": "flake inputs"
|
||||
},
|
||||
{
|
||||
"description": "Group Gitea Actions workflow updates.",
|
||||
"matchManagers": ["github-actions"],
|
||||
"groupName": "gitea actions"
|
||||
}
|
||||
]
|
||||
}
|
||||
Reference in New Issue
Block a user