pipeline: diff-pr: image: nixpkgs/nix-unstable commands: - mkdir -p /etc/nix - | cat > /etc/nix/nix.conf << EOF # WARNING: this file is generated from the nix.* options in # your NixOS configuration, typically # /etc/nixos/configuration.nix. Do not edit it! build-users-group = nixbld allowed-users = * auto-optimise-store = true builders-use-substitutes = true require-sigs = true sandbox = false substituters = https://attic.chir.rs/chir-rs/ https://cache.nixos.org/ system-features = big-parallel benchmark ca-derivations trusted-public-keys = cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY= nixcache:8KKuGz95Pk4UJ5W/Ni+pN+v+LDTkMMFV4yrGmAYgkDg= hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs= chir-rs:AnwyFacopHSkprD6aXY4/R3J9JYzTbV2rosJCBPaB28= trusted-substituters = trusted-users = @wheel experimental-features = nix-command flakes ca-derivations EOF - | for job in nixos-8gb-fsn1-1.x86_64-linux nutty-noon.x86_64-linux thinkrac.x86_64-linux nas.x86_64-linux instance-20221213-1915.aarch64-linux devterm.aarch64-linux; do nix show-derivation -r "github:DarkKirb/nixos-config/main#hydraJobs.$job" > old-$job.json done echo "Difference between this PR and main:" > review echo "" >> review for job in nixos-8gb-fsn1-1.x86_64-linux nutty-noon.x86_64-linux thinkrac.x86_64-linux nas.x86_64-linux instance-20221213-1915.aarch64-linux devterm.aarch64-linux; do nix show-derivation -r ".#hydraJobs.$job" > new-$job.json echo "## Changes for $job:" >> review echo '```' >> review python scripts/diff-drvs.py old-$job.json new-$job.json >> review echo '```' >> review done when: - event: pull_request post-review: image: nixery.dev/shell/curl commands: - | echo '{ "assignee": "DarkKirb", "base": "main", "head": "update-flake", "title": "Update flake" }' | jq '.body = $body' --arg body "$(cat review)" | curl -XPOST 'https://git.chir.rs/api/v1/repos/DarkKirb/nixos-config/pulls' -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Bearer $AUTHORISATION" --data-binary @- secrets: - gitea_token when: - event: pull_request