diff --git a/.forgejo/workflows/main.yml b/.forgejo/workflows/main.yml index be3ed5c..86942cb 100644 --- a/.forgejo/workflows/main.yml +++ b/.forgejo/workflows/main.yml @@ -4,34 +4,69 @@ on: push: branches: - main - # pull_request: + pull_request: jobs: + check: + runs-on: x86_64 + steps: + - uses: actions/checkout@v4 + - name: Check flake + run: | + source /etc/bashrc + nix flake check + list-packages: runs-on: x86_64 outputs: packages: ${{ steps.set-matrix.outputs.packages }} steps: - uses: actions/checkout@v4 + with: + fetch-depth: 0 - id: set-matrix run: | source /etc/bashrc - PACKAGES=$(nix flake show --json | nix run nixpkgs#jq -- -c '.packages."x86_64-linux" | keys') - echo "packages=$PACKAGES" >> $GITHUB_OUTPUT - - # check: - # runs-on: x86_64 - # steps: - # - name: Checkout code - # uses: actions/checkout@v4 - # - name: Check flake - # run: | - # source /etc/bashrc - # nix flake check + ALL_PACKAGES=$(nix flake show --json | nix run nixpkgs#jq -- -r '.packages."x86_64-linux" | keys[]') + if [ "${{ github.event_name }}" == "pull_request" ]; then + echo "Detecting changed packages for PR..." + BASE_REF="${{ github.base_ref }}" + # Ensure the base branch is available for diffing + git fetch origin "$BASE_REF" --depth=1 + CHANGED_FILES=$(git diff --name-only "origin/$BASE_REF"...HEAD) + + if echo "$CHANGED_FILES" | grep -qE 'flake.nix|flake.lock'; then + echo "Flake files changed, building all packages." + SELECTED_PACKAGES=$(echo "$ALL_PACKAGES" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .) + else + # Extract package names from pkgs// + CHANGED_PKGS=$(echo "$CHANGED_FILES" | grep '^pkgs/' | cut -d'/' -f2 | sort -u || true) + + FINAL_PKGS=() + for pkg in $CHANGED_PKGS; do + if echo "$ALL_PACKAGES" | grep -q "^$pkg$"; then + FINAL_PKGS+=("$pkg") + fi + done + + if [ ${#FINAL_PKGS[@]} -eq 0 ]; then + SELECTED_PACKAGES="[]" + else + SELECTED_PACKAGES=$(printf '%s\n' "${FINAL_PKGS[@]}" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .) + fi + fi + else + echo "Push event, listing all packages." + SELECTED_PACKAGES=$(echo "$ALL_PACKAGES" | nix run nixpkgs#jq -- -R . | nix run nixpkgs#jq -- -s -c .) + fi + + echo "packages=$SELECTED_PACKAGES" >> $GITHUB_OUTPUT + build: - needs: list-packages + needs: [check, list-packages] runs-on: x86_64 + if: ${{ fromJson(needs.list-packages.outputs.packages)[0] != null }} strategy: fail-fast: false matrix: @@ -47,7 +82,7 @@ jobs: nix build .#${{ matrix.package }} - name: Cache & Push to Attic - if: success() + if: github.event_name == 'push' && github.ref == 'refs/heads/main' env: ATTIC_SERVER: ${{ secrets.ATTIC_SERVER }} ATTIC_TOKEN: ${{ secrets.ATTIC_TOKEN }} diff --git a/.forgejo/workflows/update-flake.yml b/.forgejo/workflows/update-flake.yml new file mode 100644 index 0000000..2a9847b --- /dev/null +++ b/.forgejo/workflows/update-flake.yml @@ -0,0 +1,62 @@ +name: Update Flake Lock + +on: + schedule: + - cron: '0 4 * * *' + workflow_dispatch: + +jobs: + update: + runs-on: x86_64 + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Update flake.lock + id: update + run: | + source /etc/bashrc + + nix flake update + + if git diff --quiet flake.lock; then + echo "No changes to flake.lock" + echo "updated=false" >> $GITHUB_OUTPUT + else + echo "flake.lock updated" + echo "updated=true" >> $GITHUB_OUTPUT + fi + + - name: Create Pull Request + if: steps.update.outputs.updated == 'true' + env: + API_FORGEJO_TOKEN: ${{ secrets.API_FORGEJO_TOKEN }} + run: | + source /etc/bashrc + + DATE=$(date +%Y-%m-%d) + BRANCH="update/flake-lock-${DATE}" + + git config user.name "mizuki" + git config user.email "akiyama@mizuki.guru" + + git checkout -b "$BRANCH" + git add flake.lock + git commit -m "flake.lock: update ${DATE}" + + REPO_URL=$(git remote get-url origin | sed 's|https://||') + git push -f "https://oauth2:${API_FORGEJO_TOKEN}@${REPO_URL}" "$BRANCH" + + FORGEJO_HOST=$(echo "$REPO_URL" | cut -d'/' -f1) + REPO_PATH=$(echo "$REPO_URL" | cut -d'/' -f2-) + + curl -fsSL -X POST \ + -H "Authorization: token ${API_FORGEJO_TOKEN}" \ + -H "Content-Type: application/json" \ + "https://${FORGEJO_HOST}/api/v1/repos/${REPO_PATH}/pulls" \ + -d "{ + \"title\": \"flake.lock: update ${DATE}\", + \"head\": \"${BRANCH}\", + \"base\": \"main\", + \"body\": \"Automated flake.lock update generated by Forgejo Actions.\" + }" diff --git a/.forgejo/workflows/update-vscode-insiders.yml b/.forgejo/workflows/update-vscode-insiders.yml new file mode 100644 index 0000000..52f455c --- /dev/null +++ b/.forgejo/workflows/update-vscode-insiders.yml @@ -0,0 +1,93 @@ +name: Update VSCode Insiders + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + +jobs: + update: + runs-on: x86_64 + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Check for new vscode-insiderss release + id: check + run: | + source /etc/bashrc + + CURRENT_VERSION=$(grep 'version = ' pkgs/vscode-insiders/default.nix | head -1 | grep -oP '"[^"]+"' | tr -d '"') + echo "Current version: $CURRENT_VERSION" + + LATEST_VERSION=$(curl -fsSL https://update.code.visualstudio.com/api/releases/insider | nix run nixpkgs#jq -- -r '.[0]') + echo "Latest version: $LATEST_VERSION" + + if [ "$CURRENT_VERSION" = "$LATEST_VERSION" ]; then + echo "Already up to date." + echo "updated=false" >> $GITHUB_OUTPUT + exit 0 + fi + + echo "New version found: $LATEST_VERSION" + echo "latest_version=$LATEST_VERSION" >> $GITHUB_OUTPUT + echo "updated=true" >> $GITHUB_OUTPUT + + - name: Update version and sha256 + if: steps.check.outputs.updated == 'true' + id: update + run: | + source /etc/bashrc + + LATEST="${{ steps.check.outputs.latest_version }}" + URL="https://code.visualstudio.com/sha/download?build=insider&os=linux-x64" + + echo "Fetching new sha256 for VSCode Insiders..." + NEW_SHA256=$(nix-prefetch-url --type sha256 "$URL" 2>/dev/null | tail -1) + NEW_SHA256_SRI=$(nix hash convert --hash-algo sha256 --to sri "$NEW_SHA256") + echo "New sha256 (SRI): $NEW_SHA256_SRI" + + sed -i "s|version = \".*\";|version = \"${LATEST}\";|" pkgs/vscode-insiders/default.nix + sed -i "s|sha256 = \"sha256-.*\";|sha256 = \"${NEW_SHA256_SRI}\";|" pkgs/vscode-insiders/default.nix + + echo "new_sha256=$NEW_SHA256_SRI" >> $GITHUB_OUTPUT + + - name: Verify build + if: steps.check.outputs.updated == 'true' + run: | + source /etc/bashrc + NIXPKGS_ALLOW_UNFREE=1 nix build .#vscode-insiderss + + - name: Create Pull Request + if: steps.check.outputs.updated == 'true' + env: + API_FORGEJO_TOKEN: ${{ secrets.API_FORGEJO_TOKEN }} + run: | + source /etc/bashrc + + LATEST="${{ steps.check.outputs.latest_version }}" + BRANCH="update/vscode-insiders-${LATEST}" + + git config user.name "mizuki" + git config user.email "akiyama@mizuki.guru" + + git checkout -b "$BRANCH" + git add pkgs/vscode-insiders/default.nix + git commit -m "pkgs/vscode-insiders: update to ${LATEST}" + + REPO_URL=$(git remote get-url origin | sed 's|https://||') + git push "https://oauth2:${API_FORGEJO_TOKEN}@${REPO_URL}" "$BRANCH" + + FORGEJO_HOST=$(echo "$REPO_URL" | cut -d'/' -f1) + REPO_PATH=$(echo "$REPO_URL" | cut -d'/' -f2-) + + curl -fsSL -X POST \ + -H "Authorization: token ${API_FORGEJO_TOKEN}" \ + -H "Content-Type: application/json" \ + "https://${FORGEJO_HOST}/api/v1/repos/${REPO_PATH}/pulls" \ + -d "{ + \"title\": \"pkgs/vscode-insiders: update to ${LATEST}\", + \"head\": \"${BRANCH}\", + \"base\": \"main\", + \"body\": \"Automated update of VSCode Insiders to version \`${LATEST}\`.\n\nNew SRI Hash: \`${{ steps.update.outputs.new_sha256 }}\`\" + }" \ No newline at end of file diff --git a/flake.lock b/flake.lock index 839eaed..c6670e1 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1776877367, - "narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=", + "lastModified": 1777954456, + "narHash": "sha256-hGdgeU2Nk87RAuZyYjyDjFL6LK7dAZN5RE9+hrDTkDU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0726a0ecb6d4e08f6adced58726b95db924cef57", + "rev": "549bd84d6279f9852cae6225e372cc67fb91a4c1", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 8946507..b0a1454 100644 --- a/flake.nix +++ b/flake.nix @@ -8,16 +8,22 @@ outputs = { self, nixpkgs }: let system = "x86_64-linux"; + + # Overlay 정의 overlay = final: prev: { - # waterfox = final.callPackage ./pkgs/waterfox/default.nix { }; - # another = final.callPackage ./pkgs/another/default.nix { }; waterfox-bin = final.callPackage ./pkgs/waterfox-bin/default.nix { }; - xcursor-mizuki = final.callPackage ./pkgs/xcursor-mizuki/default.nix { stdenv = final.stdenv; }; - pjsk-cursor = final.callPackage ./pkgs/pjsk-cursor/default.nix { stdenv = final.stdenv; }; + xcursor-mizuki = final.callPackage ./pkgs/xcursor-mizuki/default.nix { }; + pjsk-cursor = final.callPackage ./pkgs/pjsk-cursor/default.nix { }; helium = final.callPackage ./pkgs/helium/default.nix { }; helium-sync = final.callPackage ./pkgs/helium-sync/default.nix { }; + vscode-insiders = final.callPackage ./pkgs/vscode-insiders/default.nix { }; + }; + + pkgs = import nixpkgs { + inherit system; + overlays = [ overlay ]; + config.allowUnfree = true; }; - pkgs = nixpkgs.legacyPackages.${system}.extend overlay; in { overlays.default = overlay; @@ -25,8 +31,15 @@ homeManagerModules.helium-sync = import ./modules/helium-sync-hm.nix; packages.${system} = { - inherit (pkgs) waterfox-bin xcursor-mizuki pjsk-cursor helium helium-sync; - # default = pkgs.waterfox-bin; + inherit (pkgs) + waterfox-bin + xcursor-mizuki + pjsk-cursor + helium + helium-sync + vscode-insiders; + + default = pkgs.helium; # 예시로 하나를 기본값으로 지정 }; }; -} +} \ No newline at end of file diff --git a/pkgs/vscode-insiders/default.nix b/pkgs/vscode-insiders/default.nix new file mode 100644 index 0000000..5a35b94 --- /dev/null +++ b/pkgs/vscode-insiders/default.nix @@ -0,0 +1,22 @@ +{ pkgs }: + +let + src = fetchTarball { + url = "https://code.visualstudio.com/sha/download?build=insider&os=linux-x64"; + sha256 = "0cq5p2r949k1nskfacz2j0m9zyg116zpzc8csmxb1q51p7znixkc"; + }; +in +(pkgs.vscode.override { + isInsiders = true; +}).overrideAttrs (oldAttrs: { + pname = "vscode-insiders"; + version = "latest"; + isInsiders = true; + inherit src; + + buildInputs = oldAttrs.buildInputs ++ [ pkgs.krb5 pkgs.libsoup_3 pkgs.webkitgtk_4_1 ]; + + meta = oldAttrs.meta // { + mainProgram = "code-insiders"; + }; +}) \ No newline at end of file