name: Update packages

on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *" # daily

jobs:
  update:
    if: github.repository == 'notashelf/nyxpkgs'
    runs-on: ubuntu-latest

    permissions:
      contents: write

    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          token: "${{ secrets.GH_TOKEN}}"

      - uses: DeterminateSystems/nix-installer-action@main

      - uses: cachix/cachix-action@v14
        with:
          name: nyx
          authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"

      - name: Update npins
        run: nix run nixpkgs#npins update

      - uses: stefanzweifel/git-auto-commit-action@v5
        with:
          commit_message: "[CI]: update npins"
          push_options: "--force"
          commit_user_name: GitHub Actions

  build:
    needs: update
    uses: ./.github/workflows/build.yml
    secrets: inherit