--- name: Periodic flake update on: # yamllint disable-line rule:truthy schedule: - cron: "0 */2 * * *" permissions: contents: write jobs: flake-update: runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:runner-latest steps: - uses: actions/checkout@v3 with: ref: master - uses: cachix/install-nix-action@v27 - name: configure git env: SSH_PRIVKEY: ${{ secrets.BOT_SSH_PRIVKEY }} SSH_PUBKEY: ${{ secrets.BOT_SSH_PUBKEY }} run: | echo "$SSH_PRIVKEY" > "$RUNNER_TEMP/id_ed25519" echo "$SSH_PUBKEY" > "$RUNNER_TEMP/id_ed25519.pub" chmod -R 0600 "$RUNNER_TEMP/id_ed25519.pub" "$RUNNER_TEMP/id_ed25519" git config --global user.name 'torjus-bot' git config --global user.email 'torjus-bot@git.t-juice.club' git config --global user.signingKey "$RUNNER_TEMP/id_ed25519.pub" git config --global gpg.format ssh git config --global commit.gpgsign true - name: flake update run: nix flake update --commit-lock-file - name: push run: git push