Auto-update README when supported branches list changes

[lucperkins]

The README provides a list of supported Nixpkgs branches:

Thus far I've been updating this manually but far better to automate.

Summary by CodeRabbit

• New Features

  • Per-system development shells and packages; added an automated README generation command.

• Documentation

  • Added a comprehensive README template for usage, configuration, examples and integration.
  • Minor formatting cleanup (trailing blank line) in README.

• Chores

  • CI updated to run README update on failure and reflect that in PR messages.
  • Build workflow skips dev-shell caching for unsupported macOS system.

[coderabbitai]

Walkthrough

Adds a conditional CI step to regenerate README when the ref-statuses step fails and updates the PR commit message; refactors flake.nix to add a public easy-template input and per-system outputs/devShells including an update-readme action; adds a README template and a minor README formatting edit; adds a CI guard for darwin.

Changes

Cohort / File(s)	Summary
CI: ref-statuses workflow \.github/workflows/ref-statuses.yaml	Adds a conditional step "Update README in light of new list" that runs nix develop --command update-readme when the prior step fails; updates the "Create pull request" commit message to mention README updates while still creating a PR on failure.
CI: build workflow guard \.github/workflows/build.yaml	Adds an if guard to skip the "Build and cache dev shell" step for x86_64-darwin (matrix.systems.nix-system == 'x86_64-darwin').
Flake: inputs and per-system outputs/devShells flake.nix	Adds public input easy-template; refactors outputs to produce per-system rust toolchains, packages, and devShells/apps via forAllSystems; introduces an update-readme devShell/app that uses inputs.easy-template and jq to regenerate README.md.
Templates: new README template templates/README.md.handlebars	Adds a comprehensive README template documenting usage, config, CEL policy examples, CI integration, telemetry, parser notes, and examples (documentation only).
Docs formatting README.md	Adds a trailing blank line after the [val] reference block (cosmetic formatting only).

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor GH as GitHub Actions
  participant WF as ref-statuses workflow
  participant NIX as nix develop
  participant GEN as update-readme

  GH->>WF: trigger workflow
  WF->>WF: run ref-statuses update step
  alt ref-statuses step failed
    WF->>NIX: run `nix develop --command update-readme`
    NIX->>GEN: execute update-readme (uses inputs.easy-template + jq)
    GEN-->>WF: README.md updated
    WF->>GH: create PR (commit message mentions ref-statuses and README)
  else ref-statuses step succeeded
    WF-->>GH: continue without README update
  end

Loading

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant DevShell as per-system devShell
  participant Gen as update-readme
  participant ET as inputs.easy-template
  participant JQ as jq
  participant Repo as README.md

  Dev->>DevShell: enter devShell (per-system)
  Dev->>Gen: run update-readme
  Gen->>ET: render README template
  Gen->>JQ: process ref-statuses JSON
  Gen->>Repo: write README.md
  Repo-->>Dev: README updated locally

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

A rabbit nibbles at bits of code,
Flakes and templates along the road.
When CI falters, I hop to mend,
I render README, then PR I send.
🐇📜✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly and concisely summarizes the main change of the pull request—automatically updating the README in response to supported branches list changes—and aligns directly with the added workflow step and template updates that implement this behavior.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch templatize-readme

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a351557 and f51d974.

📒 Files selected for processing (1)

• .github/workflows/build.yaml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Check flake.lock test (CEL condition)
• GitHub Check: Check flake.lock test (clean 👼)
• GitHub Check: Check flake.lock test (dirty 😈)
• GitHub Check: Nix and Rust checks
• GitHub Check: Test Rust

🔇 Additional comments (1)

.github/workflows/build.yaml (1)

41-43: Guard now skips the macOS x86_64 cache step correctly.

Wrapping the comparison inside the expression braces fixes the prior always-true condition. LGTM.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

templates/README.md.tpl (1)

31-33: Consider displaying branch statuses.

The template iterates over branches but only displays keys. Since ref-statuses.json contains status values (rolling, beta, stable, deprecated, unmaintained) and the template documents these in the refStatuses variable description (Line 69), consider enhancing the display to show statuses alongside branch names.

For example:

 {{#each supported}}
-- `{{@key}}`
+- `{{@key}}` ({{this}})
 {{/each}}

This would output entries like:

• nixos-24.11 (stable)
• nixos-unstable (rolling)

flake.nix (1)

133-146: ref-statuses.json format verified

It’s a valid JSON object and yields the expected supported keys; no functional changes required. Optional: add a file-existence/JSON-validation check in the update-readme script for clearer errors.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9753d4a and 3023994.

⛔ Files ignored due to path filters (1)

• flake.lock is excluded by !**/*.lock

📒 Files selected for processing (4)

• .github/workflows/ref-statuses.yaml (1 hunks)
• README.md (1 hunks)
• flake.nix (2 hunks)
• templates/README.md.tpl (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Check flake.lock test (clean 👼)
• GitHub Check: Check flake.lock test (dirty 😈)
• GitHub Check: Check flake.lock test (CEL condition)
• GitHub Check: Nix and Rust checks
• GitHub Check: Test Rust

🔇 Additional comments (6)

templates/README.md.tpl (1)

1-158: LGTM!

The template is comprehensive and well-structured, covering all essential documentation sections for the Nix Flake Checker. The Handlebars syntax is correct and aligns with the easy-template tool being used.

flake.nix (2)

15-18: LGTM!

The easy-template input is correctly declared with proper nixpkgs follows to avoid duplicate dependencies.

---

21-179: LGTM!

The per-system refactoring and new devShells structure are well-organized. The forSystems function is now more explicit and maintainable.

README.md (1)

165-165: LGTM!

Trivial formatting change adding a trailing newline, which is a common convention.

.github/workflows/ref-statuses.yaml (2)

27-30: LGTM!

The new README update step is correctly positioned after the ref-statuses.json update and before creating the PR. The if: failure() condition ensures it only runs when the ref-statuses check detects changes.

---

36-36: LGTM!

The commit message accurately reflects that both ref-statuses.json and README.md are being updated.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

flake.nix (1)

140-147: Add a trap to clean up the temp dir on failure.

Line 140 creates a temp directory but the cleanup on Line 146 only runs if the script finishes successfully; any earlier failure leaves the directory behind. Install a trap right after mktemp so the directory is removed no matter how the script exits, and you can drop the final manual rm -rf.

 tmp=$(mktemp -d)
-inputs="''${tmp}/template-inputs.json"
+trap 'rm -rf "''${tmp}"' EXIT
+inputs="''${tmp}/template-inputs.json"
 ...
-easy-template ./templates/README.md.handlebars "''${inputs}" > README.md
-
-rm -rf "''${tmp}"
+easy-template ./templates/README.md.handlebars "''${inputs}" > README.md

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 3023994 and b65143a.

📒 Files selected for processing (1)

• flake.nix (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Check flake.lock test (dirty 😈)
• GitHub Check: Check flake.lock test (clean 👼)
• GitHub Check: Check flake.lock test (CEL condition)
• GitHub Check: Test Rust
• GitHub Check: Nix and Rust checks

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

templates/README.md.handlebars (1)

155-155: Use absolute URL for pull requests link.

The relative path /pulls may not resolve correctly when the README is viewed outside of the GitHub repository context (e.g., in package documentation, mirrors, or local clones).

Apply this diff to use the full GitHub URL:

-[prs]: /pulls
+[prs]: https://github.com/DeterminateSystems/flake-checker/pulls

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b65143a and 983a0d9.

📒 Files selected for processing (1)

• templates/README.md.handlebars (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Check flake.lock test (dirty 😈)
• GitHub Check: Check flake.lock test (clean 👼)
• GitHub Check: Check flake.lock test (CEL condition)
• GitHub Check: Nix and Rust checks
• GitHub Check: Test Rust

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 983a0d9 and a351557.

📒 Files selected for processing (1)

• .github/workflows/build.yaml (1 hunks)

🧰 Additional context used

🪛 actionlint (1.7.7)

.github/workflows/build.yaml

43-43: if: condition "${{ matrix.systems.nix-system }} != 'x86_64-darwin'" is always evaluated to true because extra characters are around ${{ }}

(if-cond)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)

• GitHub Check: Check flake.lock test (clean 👼)
• GitHub Check: Check flake.lock test (CEL condition)
• GitHub Check: Check flake.lock test (dirty 😈)
• GitHub Check: Test Rust
• GitHub Check: Nix and Rust checks