on: workflow_dispatch: schedule: # 03:42 on Saturdays - cron: '42 3 * * 6' env: PR_TITLE: Weekly `cargo update` of dependencies PR_MESSAGE: | Automation to keep dependencies in `Cargo.lock` current. The following is the output from `cargo update`: COMMIT_MESSAGE: "chore(deps): cargo update" jobs: update-cargo: runs-on: nixos env: BRANCH_NAME: cargo-update steps: - uses: https://git.salame.cl/actions/checkout@v4 - run: nix --version - run: nix run .#cargo-update - name: craft PR body and commit message run: | set -xeuo pipefail echo "${COMMIT_MESSAGE}" > commit.txt printf '\n\n' >> commit.txt cat cargo_update.log >> commit.txt echo "${PR_MESSAGE}" > body.md echo '```txt' >> body.md cat cargo_update.log >> body.md echo '```' >> body.md - name: commit run: | set -xeuo pipefail git config user.name forgejo-actions git config user.email forgejo-actions@salame.cl git switch --force-create "$BRANCH_NAME" git add ./Cargo.lock DIFF="$(git diff --staged)" if [[ "$DIFF" == "" ]]; then echo "Cargo.lock was not changed, bailing out and not making a PR" exit 1 fi git commit --no-verify --file=commit.txt - name: push run: | set -xeuo pipefail git push --no-verify --force --set-upstream origin "$BRANCH_NAME" - name: open new pull request env: # We have to use a Personal Access Token (PAT) here. # PRs opened from a workflow using the standard `GITHUB_TOKEN` in GitHub Actions # do not automatically trigger more workflows: # https://docs.github.com/en/actions/security-guides/automatic-token-authentication#using-the-github_token-in-a-workflow GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | set -euo pipefail curl -X POST \ -H "Authorization: token $GITHUB_TOKEN" \ -H 'Content-Type: application/json' \ -d "$( echo '{}' | jq --arg body "$(cat body.md)" \ --arg title "$COMMIT_MESSAGE" \ --arg head "$BRANCH_NAME" \ '{"body": $body, "title": $title, "head": $head, "base": "main"}' )" \ "$GITHUB_API_URL/repos/$GITHUB_REPOSITORY/pulls"