From 1dcbf0c755cea8b6e5085a21200de779a8dc5044 Mon Sep 17 00:00:00 2001
From: Jake Hillion <jake@hillion.co.uk>
Date: Mon, 1 Apr 2024 17:45:08 +0100
Subject: [PATCH] flake: add automatic update PRs

---
 .drone.yml               | 26 +++++++++++++++++++++++++
 scripts/update_inputs.sh | 41 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100755 scripts/update_inputs.sh

diff --git a/.drone.yml b/.drone.yml
index 53c72a0..a91b671 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -21,6 +21,32 @@ trigger:
     - tag
     - pull_request
 ---
+kind: pipeline
+type: docker
+name: update
+
+steps:
+  - name: update inputs
+    image: nixos/nix:2.20.1
+    environment:
+      GIT_AUTHOR_NAME: Drone
+      GIT_AUTHOR_EMAIL: drone@mg.hillion.co.uk
+      GITEA_SERVER_TOKEN:
+        from_secret: GITEA_TOKEN
+    commands:
+      - mkdir -p ~/.config/nix
+      - echo 'experimental-features = nix-command flakes' > ~/.config/nix/nix.conf
+      - git config credential.helper '!f() { sleep 1; echo "username=drone"; echo "password=${GITEA_SERVER_TOKEN}"; }; f'
+      - scripts/update_inputs.sh
+
+trigger:
+  branch:
+    # - main
+  event:
+    - cron
+    - push
+
+---
 kind: signature
 hmac: 5af72ec77460d7d914f9177c78febed763ea1a33dc0f0e39e7599bbf8f4ad987
 
diff --git a/scripts/update_inputs.sh b/scripts/update_inputs.sh
new file mode 100755
index 0000000..3213411
--- /dev/null
+++ b/scripts/update_inputs.sh
@@ -0,0 +1,41 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i bash -p nix -p jq -p git -p tea -p yq-go
+set -e
+
+tea logins add --url https://gitea.hillion.co.uk --token $GITEA_SERVER_TOKEN
+
+INIT_HASH=$(git rev-parse HEAD) 
+PULLS=$(tea pulls list --output yaml | grep -v NOTE)
+
+git remote -v
+
+INPUTS=$(nix flake metadata --json | jq '.locks.nodes | keys | .[]' -r)
+for input in $INPUTS; do
+  echo "Starting update for: $input"
+
+  git switch --detach $INIT_HASH
+
+  BRANCH=updater/$input
+  PULL_INDEX=$(echo "$PULLS" | yq ".[] | select( .head == \"$BRANCH\" ) | .index")
+
+  nix flake lock --update-input $input
+  if git diff --exit-code; then
+    if ! [ -z $PULL_INDEX ]; then
+      tea pulls close $PULL_INDEX
+      tea pulls clean $PULL_INDEX
+    fi
+    continue
+  fi
+
+  git switch --force-create updater/$input
+
+  LAST_MODIFIED=$(nix flake metadata --json | jq ".locks.nodes.\"$input\".locked.lastModified")
+  git commit --date="$LAST_MODIFIED" -am "updater: update $input"
+  git push --set-upstream --force origin updater/$input
+
+  
+  exit 1
+done
+
+git switch --detach $INIT_HASH
+