Automatic update #1028

	name: "Automatic update"
	on:
	schedule:
	# every day 00:00 +08:00
	- cron: "0 16 * * *"
	workflow_dispatch:

	concurrency: push-to-main

	jobs:
	update:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@main
	with:
	ref: main
	token: "${{ secrets.PAT_FOR_AUTOMATED_UPDATE }}"
	- name: Install nix
	uses: cachix/install-nix-action@master
	with:
	nix_path: nixpkgs=channel:nixos-unstable
	extra_nix_config: \|
	experimental-features = nix-command flakes
	access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
	- name: Setup cachix
	uses: cachix/cachix-action@master
	with:
	name: linyinfeng
	signingKey: "${{ secrets.CACHIX_SIGNING_KEY }}"
	- name: Set swap space
	uses: pierotofy/set-swap-space@master
	with:
	swap-size-gb: 10
	- name: Git config
	run: \|
	git config --global user.email "[email protected]"
	git config --global user.name "Nano"
	- name: Terraform update
	run: \|
	nix develop --command terraform-init -upgrade
	if [ -z "$(git status --porcelain)" ]; then
	echo "repository is clean, skip commit"
	else
	git add --all
	git commit --message "terraform-init -upgrade"
	fi
	- name: Patches update
	run: \|
	set -e
	nix develop --command update-patches
	if [ -z "$(git status --porcelain)" ]; then
	echo "repository is clean, skip commit"
	else
	git add --all
	git commit --message "update-patches"
	fi
	- name: Nix flake update
	run: \|
	nix flake update --commit-lock-file
	- name: Test nix flake show
	run: \|
	nix flake show --all-systems
	- name: Git push
	run: \|
	git push

Provide feedback