name: Build

on:
  workflow_dispatch:
  workflow_call:
    secrets:
      CACHIX_AUTH_TOKEN:
        required: false

permissions:
  contents: read
  id-token: write

jobs:
  find-uncached:
    name: "Find uncached packages"
    if: github.repository == 'notashelf/nyxexprs'
    runs-on: ubuntu-latest
    outputs:
      uncached: ${{ steps.get-packages.outputs.packages }}
    steps:
      - uses: actions/checkout@v5
      - uses: DeterminateSystems/nix-installer-action@main

      - name: Find packages missing in the cache
        id: get-packages
        run: |
          set -euo pipefail

          packages='[]'
          while read -r package; do
            path="$(nix eval --raw ".#$package" 2>/dev/null)"
            if ! nix path-info --store https://nyx.cachix.org "$path" &>/dev/null; then
              echo "Building $package"
              packages="$(echo -n "$packages" | jq --arg package "$package" --compact-output '. + [$package]')"
            fi
          done < <(nix flake show --json 2>/dev/null | jq --raw-output '.packages."x86_64-linux" | keys_unsorted | map("packages.x86_64-linux.\(.)") | .[]')

          echo -n "packages=$packages" >> "$GITHUB_OUTPUT"
  build-uncached:
    needs: find-uncached
    strategy:
      matrix:
        package: ${{ fromJSON(needs.find-uncached.outputs.uncached) }}
    uses: ./.github/workflows/nix.yml
    with:
      command: nix build "github:notashelf/nyxexprs/${{ github.ref }}#${{ matrix.package }}"
    secrets: inherit