move update script to drone

.drone.yml

@@ -0,0 +1,61 @@
+---
+kind: pipeline
+type: docker
+name: update-flake
+
+steps:
+  - name: Update flake
+    image: nixos/nix
+    commands:
+      - echo "substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/" >> /etc/nix/nix.conf
+      - echo "trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=" >> /etc/nix/nix.conf
+      - |
+        for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
+          nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > ../old-$job.json
+        done
+
+        nix flake update
+
+        for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
+          nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > ../new-$job.json
+
+          python scripts/diff-drvs.py ../old-$job.json ../new-$job.json > ../report-$job.txt
+          cat report-$job.txt >> ../full-report.txt
+        done
+        if [ -s ../full-report.txt ]; then
+          echo "Automatic flake.lock update" > ../pr-message.txt
+          echo "" >> ../pr-message.txt
+          for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
+            echo "## Changes for $job:" >> ../pr-message.txt
+            echo '```' >> ../pr-message.txt
+            cat report-$job.txt >> ../pr-message.txt
+            echo '```' >> ../pr-message.txt
+          done
+        else
+          touch ../pr-message.txt
+        fi
+  - name: Push git
+    image: appleboy/drone-git-push
+    settings:
+      ssh_key:
+        from_secret: SSH_KEY
+      remote: gitea@git.chir.rs:darkkirb/nixos-config.git
+      branch: update-flake
+      force: true
+      commit: true
+      commit_message: Update flake
+      author_name: Gitea Bot
+      author_email: gitea-bot@chir.rs
+  - name: Create pull request
+    image: alpine:latest
+    commands:
+      - apk add jq curl
+      - echo '{ "assignee": "DarkKirb", "base": "main", "head": "update-flake", "title": "Update flake" }' | jq '.body = $body' --arg body "$(cat ../pr-message.txt)" | curl -XPOST  'https://git.chir.rs/api/v1/repos/DarkKirb/nixos-config/pulls' -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer $AUTHORISATION" -d-
+    environment:
+      AUTHORISATION:
+        from_secret: GITEA_KEY
+trigger:
+  event:
+    - cron
+  cron:
+    - updater

.github/workflows/update.yml

@@ -1,69 +0,0 @@
-name: Update flake
-on:
-  schedule:
-    - cron: "35 4 * * *"
-  workflow_dispatch: {}
-jobs:
-  update-flake:
-    name: Update flake
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          token: ${{ secrets.PUBLISH_TOKEN }}
-      - uses: cachix/install-nix-action@v17
-        with:
-          extra_nix_config: |
-            substituters = https://cache.nixos.org/ https://f000.backblazeb2.com/file/cache-chir-rs/
-            trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs=
-      # instantiate the current derivations
-      - id: update-step
-        run: |
-          for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
-            nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > old-$job.json
-          done
-
-          nix flake update
-
-          for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
-            nix show-derivation -r ".#hydraJobs.$job.x86_64-linux" > new-$job.json
-
-            python scripts/diff-drvs.py old-$job.json new-$job.json > report-$job.txt
-            cat report-$job.txt >> full-report.txt
-          done
-
-          if [ -s full-report.txt ]; then
-            echo "Automatic flake.lock update" > pr-message.txt
-            echo "" >> pr-message.txt
-            for job in nixos-8gb-fsn1-1 nutty-noon thinkrac installer nas; do
-              echo "## Changes for $job:" >> pr-message.txt
-              echo '```' >> pr-message.txt
-              cat report-$job.txt >> pr-message.txt
-              echo '```' >> pr-message.txt
-            done
-          else
-            touch pr-message.txt
-          fi
-
-          body=$(cat pr-message.txt)
-          body="${body//'%'/'%25'}"
-          body="${body//$'\n'/'%0A'}"
-          body="${body//$'\r'/'%0D'}"
-          echo ::set-output name=body::$body
-      - uses: peter-evans/create-pull-request@v4
-        if: steps.update-step.outputs.body != ''
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          body: ${{ steps.update-step.outputs.body }}
-          commit-message: Update flake.lock
-          committer: GitHub <noreply@github.com>
-          author: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
-          branch: update-flake
-          delete-branch: true
-          title: "Update flake.nix"
-          labels: |
-            update
-            automated
-          assignees: darkkirb
-          reviewers: darkkirb
-          add-paths: flake.lock