name: update-flake-lock
on:
  schedule:
    - cron: "0 1 * * *"

jobs:
  lockfile:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          ref: "main"
      - name: Setup sudo (required for the next step)
        run: apt-get update && apt-get install -y sudo
      - name: Setup nix
        uses: cachix/install-nix-action@v22
        with:
          github_access_token: ${{ secrets.GH_ACCESS_TOKEN }}
      - name: Update nix flake lockfile
        run: |
          nix --extra-experimental-features nix-command --extra-experimental-features flakes flake update
      - name: Verify Changed files
        uses: tj-actions/verify-changed-files@v16
        id: verify-changed-files
        with:
          files: |
            flake.lock
      - name: Push updated lockfile
        if: steps.verify-changed-files.outputs.files_changed == 'true'
        run: |
          git diff
          git config --global user.name "Gitea Bot"
          git config --global user.email "bot@git.palkoi.net"
          git add flake.lock
          git commit -m 'choke(nix-lock): bump flake.lock versions'
          git push