name: Update flake

on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 0" # weekly

jobs:
  update:
    if: github.repository == 'notashelf/nyxpkgs'
    runs-on: ubuntu-latest

    permissions:
      contents: write

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: "${{ secrets.GH_TOKEN}}"

      - uses: DeterminateSystems/nix-installer-action@main

      - uses: cachix/cachix-action@v13
        with:
          name: nyx
          authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"

      - name: Update flake
        run: nix flake update

      - uses: stefanzweifel/git-auto-commit-action@v5
        with:
          commit_message: "[CI]: update flake inputs"
          push_options: "--force"
          commit_user_name: GitHub Actions

  build:
    needs: update
    uses: ./.github/workflows/build.yml
    secrets: inherit