Skip to content
Snippets Groups Projects
update-nixpkgs 2.15 KiB
Newer Older
  • Learn to ignore specific revisions
  • #!/usr/bin/env nix-shell
    
    #!nix-shell -i bash -p nixUnstable git openssh curl
    
    
    # ^^
    # we get nixUnstable for the diff-closures command, mostly.
    # we need git to commit and push our changes
    # we need openssh for ssh-agent to authenticate the push
    # we need curl to create the gitlab MR
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    HOST="whetstone.private.storage"
    
    
    setup_ssh() {
        # -s makes the output sh compatible, in case it can't detect this for
        # itself.
        eval $(ssh-agent -s)
    
        # A GitLab CI/CD variable set for us to use.
    
        echo "${UPDATE_NIXPKGS_PRIVATE_SSHKEY_BASE64}" | base64 -d | ssh-add -
    
    
        # We may not know the git/ssh server's host key yet.  In that case, learn
        # it and proceed.
        export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new"
    }
    
    setup_git() {
        git config --global user.email "update-bot@private.storage"
        git config --global user.name "Update Bot"
    
        git remote add origin "gitlab@${HOST}:PrivateStorage/PrivateStorageio.git" || true
    
    TARGET_BRANCH="nixpkgs-upgrade-$(date +%Y-%m-%d)"
    
    
    echo '{}' > morph/grid/local/public-keys/users.nix
    
    # nix-build -A morph -o result-before
    
    git branch -d "${TARGET_BRANCH}" || true
    git checkout -b "${TARGET_BRANCH}"
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    # Spawn *another* nix-shell that has the *other* update-nixpkgs tool.  Should
    # sort out this mess sooner rather than later...
    
    nix-shell ./shell.nix --run 'update-nixpkgs'
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    git fetch origin develop
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    git branch -a
    
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    # Show us what we did
    
    if git diff --exit-code origin/develop...; then
    
        echo "No changes."
        exit 0
    fi
    
    # nix-build -A morph -o result-after
    
    # diff=$(nix --extra-experimental-features nix-command store diff-closures ./result-before/ ./result-after/)
    
    
    git commit -am "bump nixpkgs version"
    
    git push origin "${TARGET_BRANCH}:${TARGET_BRANCH}"
    
    Jean-Paul Calderone's avatar
    Jean-Paul Calderone committed
    BODY=$(cat <<EOF
    {
        "id": ${CI_PROJECT_ID},
        "source_branch": "${CI_COMMIT_REF_NAME}",
        "target_branch": "${TARGET_BRANCH}",
        "remove_source_branch": true,
        "title": "WIP: ${CI_COMMIT_REF_NAME}",
        "assignee_id":"jcalderone"
    }
    EOF
        )
    
    
    curl -X POST --data "${BODY}" --header "Content-Type: application/json" --header "PRIVATE-TOKEN: ${UPDATE_NIXPKGS_PRIVATE_TOKEN}" "${HOST}/api/v4/projects/merge_requests"