name: Update lockfiles

on:
  schedule:
    # run every friday
    - cron: "0 0 * * 5"
  workflow_dispatch:

jobs:
  update:
    name: Run update
    runs-on: ubuntu-latest

    permissions:
      contents: write
      pull-requests: write

    env:
      PR_BRANCH: "update-lockfiles"

    steps:
      - uses: actions/checkout@v4

      - name: Install Nix
        uses: cachix/install-nix-action@v26

      - name: Set Git user info
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'

      - name: Create new branch
        id: branch
        run: |
          git switch -c "$PR_BRANCH"

      - name: Update flake inputs
        run: |
          pushd dev

          nix flake update \
            --commit-lock-file \
            --commit-lockfile-summary "chore: update dev flake inputs"

          popd

      - name: Update upstream sources
        run: |
          nix run --inputs-from ./dev \
            nixpkgs#nvfetcher -- --commit-changes

      - name: Make PR if needed
        env:
          GH_TOKEN: ${{ github.token }}
        run: |
          if ! git diff --color=always --exit-code origin/main; then
            git fetch origin "$PR_BRANCH" || true
            git push --force-with-lease -u origin "$PR_BRANCH"

            open_prs="$(gh pr list --base main --head "$PR_BRANCH" | wc -l)"
            if [ "$open_prs" -eq 0 ]; then
              gh pr create \
                --base main \
                --head "$PR_BRANCH" \
                --title "chore: update lockfiles" \
                --fill
            fi
          fi