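---
# Scheduled / manual workflow that refreshes flake.lock, snapshots the
# evaluated derivations before and after the update, and opens a pull request
# whose body carries the input-update log and the evaluation diff.
#
# Helper scripts under ./utils/ (eval-to-drv.sh, diff-evals.sh, attic-push.bash)
# are not part of this file; the file names they produce (pre.json, post.json,
# post-diff) are inferred from the cleanup step below — confirm against ./utils.
name: "Update flakes"

on:  # yamllint disable-line rule:truthy
  repository_dispatch:
  workflow_dispatch:
  schedule:
    - cron: "00 12 * * *"

jobs:
  # NOTE(review): this job updates flake.lock and builds the flake-update-diff
  # tool twice but never commits, pushes or opens a PR; it looks like an
  # experimental alternative to update_lockfile. Confirm it is still wanted,
  # since it runs on every trigger (no branch guard) and spends runner time.
  createPullRequest:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      # - name: Login to Docker Hub
      #   uses: docker/login-action@v3
      #   with:
      #     username: ${{ secrets.DOCKERHUB_USERNAME }}
      #     password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Install Nix
        uses: cachix/install-nix-action@v24
        with:
          extra_nix_config: |
            experimental-features = nix-command flakes auto-allocate-uids configurable-impure-env

      # The flake-update-diff tool is fetched from a mutable git ref on every
      # run; pin it to a rev (git+https://...?rev=<COMMIT_PLACEHOLDER>) so the
      # code executed here cannot change underneath the workflow.
      - name: Calculate pre-drv
        run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build .

      # - name: Pull latest docker images
      #   run: nix ./utils/fetch-docker.sh

      - name: Update flake.lock (part 1)
        run: nix flake update

      - name: Calculate post-drv
        run: nix run git+https://nayeonie.com/ahuston-0/flake-update-diff -- --build .

      # - name: Calculate diff
      #   run: nix ./utils/diff-evals.sh
      # - name: Read diff into environment
      #   run: |
      #     delimiter="$(openssl rand -hex 8)"
      #     {
      #       echo "POSTDIFF<<${delimiter}"
      #       cat post-diff
      #       echo "${delimiter}"
      #     } >> $GITHUB_ENV
      # - name: Restore flake.lock for next step
      #   run: git restore flake.lock
      # - name: Update flake.lock
      #   id: update
      #   uses: DeterminateSystems/update-flake-lock@main
      #   with:
      #     token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
      #     pr-body: |
      #       Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.
      #
      #       ```
      #       {{ env.GIT_COMMIT_MESSAGE }}
      #       ```
      #       ```
      #       {{ env.POSTDIFF }}
      #       ```
      #     pr-labels: |
      #       # Labels to be set on the PR
      #       dependencies
      #       automated

  update_lockfile:
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'  # ensure workflow_dispatch only runs on main
    # Least privilege: only this job needs to push a branch / open a PR, so the
    # GITHUB_TOKEN grant is scoped here instead of to the whole workflow.
    permissions:
      pull-requests: write
      contents: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      # Mutable ref: "@main" of a third-party action is re-resolved on every
      # run, so a compromised or force-pushed upstream runs with this job's
      # secrets. Pin to a full commit SHA (<SHA_PLACEHOLDER>) with a
      # "# vX.Y.Z" comment, as the commented-out jiriks74 reference below shows.
      - name: Install nix
        uses: https://github.com/DeterminateSystems/nix-installer-action@main

      - name: Setup Attic cache
        uses: ryanccn/attic-action@v0
        with:
          endpoint: ${{ secrets.ATTIC_ENDPOINT }}
          cache: ${{ secrets.ATTIC_CACHE }}
          token: ${{ secrets.ATTIC_TOKEN }}
          skip-push: "true"

      - name: Get pre-snapshot of evaluations
        run: nix ./utils/eval-to-drv.sh pre

      - name: Update flake.lock
        id: update
        # Process substitution (>(...)) is bash-only; make the shell explicit
        # rather than relying on the runner's default.
        shell: bash
        run: |
          # The process substitution tees stderr back to the job log while also
          # feeding it into awk's stdin, so "Updated input" blocks are captured
          # without disappearing from the run output. awk keeps every line from
          # an "• Updated input" header up to the next blank line, minus warnings.
          nix flake update 2> >(tee /dev/stderr) | awk '
            /^• Updated input/ {in_update = 1; print; next}
            in_update && !/^warning:/ {print}
            /^$/ {in_update = 0}
          ' > update.log
          # Use a random heredoc delimiter (same pattern as "Read diff into
          # environment" below): the log is tool output, and a fixed "EOF"
          # delimiter would let a literal "EOF" line end the value early and
          # append arbitrary variables to GITHUB_ENV.
          delimiter="$(openssl rand -hex 8)"
          {
            echo "UPDATE_LOG<<${delimiter}"
            cat update.log
            echo "${delimiter}"
          } >> "$GITHUB_ENV"
          rm update.log

      - name: Get post-snapshot of evaluations
        run: nix ./utils/eval-to-drv.sh post

      - name: Calculate diff
        run: nix ./utils/diff-evals.sh

      - name: Read diff into environment
        run: |
          # Random delimiter so content of post-diff cannot terminate the
          # multi-line value early.
          delimiter="$(openssl rand -hex 8)"
          {
            echo "POSTDIFF<<${delimiter}"
            cat post-diff
            echo "${delimiter}"
          } >> "$GITHUB_ENV"

      # Two template syntaxes are mixed on purpose: ${{ env.UPDATE_LOG }} is
      # expanded by the runner when this step's inputs are evaluated, while
      # {{ env.POSTDIFF }} is left for the handlebars step below.
      - name: Write PR body template
        uses: https://github.com/DamianReeves/write-file-action@v1.3
        with:
          path: pr_body.template
          contents: |
            - The following Nix Flake inputs were updated:
            ```
            ${{ env.UPDATE_LOG }}
            ```
            ```
            {{ env.POSTDIFF }}
            ```
            Auto-generated by [update.yml][1] with the help of [create-pull-request][2].

            [1]: https://nayeonie.com/ahuston-0/nix-dotfiles/src/branch/main/.github/workflows/flake-update.yml
            [2]: https://forgejo.stefka.eu/jiriks74/create-pull-request

      - name: Generate PR body
        uses: pedrolamas/handlebars-action@v2.4.0  # v2.4.0
        with:
          files: "pr_body.template"
          output-filename: "pr_body.md"

      - name: Save PR body
        id: pr_body
        uses: juliangruber/read-file-action@v1
        with:
          path: "pr_body.md"

      # pre.json / post.json are presumably written by eval-to-drv.sh and
      # post-diff by diff-evals.sh — confirm against ./utils.
      - name: Remove temporary files
        run: |
          rm pr_body.template
          rm pr_body.md
          rm pre.json
          rm post.json
          rm post-diff

      - name: Create Pull Request
        id: create-pull-request
        # uses: https://forgejo.stefka.eu/jiriks74/create-pull-request@7174d368c2e4450dea17b297819eb28ae93ee645
        # Mutable "@main" ref on a fork that receives GH_TOKEN_FOR_UPDATES —
        # pin to a commit SHA (<SHA_PLACEHOLDER>) as the line above does.
        uses: https://nayeonie.com/ahuston-0/create-pull-request@main
        with:
          token: ${{ secrets.GH_TOKEN_FOR_UPDATES }}
          body: ${{ steps.pr_body.outputs.content }}
          # NOTE(review): the author e-mail (normally "<...@users.noreply...>")
          # appears to be missing from this value — confirm against the repo.
          author: '"github-actions[bot]" '
          title: 'automated: Update `flake.lock`'
          commit-message: |
            automated: Update `flake.lock`
            ${{ steps.pr_body.outputs.content }}
          branch: update-flake-lock
          delete-branch: true
          # Labels to be set on the PR
          pr-labels: |
            dependencies
            automated

      - name: Push to Attic
        run: nix ./utils/attic-push.bash
        continue-on-error: true

      # Step outputs are passed through env instead of being interpolated into
      # the script text, so their content is never parsed as shell syntax.
      # Bug fix: the URL previously read steps.cpr, which is not a step id in
      # this job (the step is "create-pull-request"), so it was always empty.
      - name: Print PR number
        env:
          PR_NUMBER: ${{ steps.create-pull-request.outputs.pull-request-number }}
          PR_URL: ${{ steps.create-pull-request.outputs.pull-request-url }}
        run: |
          echo "Pull request number is ${PR_NUMBER}."
          echo "Pull Request URL - ${PR_URL}"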