name: CI

on:
  pull_request:
  push:
    branches: [main]

jobs:
  typescript-action:
    runs-on: ubuntu-latest
    permissions:
      id-token: write
      contents: read
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Check Nixpkgs
        uses: DeterminateSystems/flake-checker-action@main
        with:
          fail-mode: true
      - name: Install Determinate Nix
        uses: DeterminateSystems/determinate-nix-action@v3
      - name: Enable FlakeHub Cache
        uses: DeterminateSystems/flakehub-cache-action@main
      - name: Install pnpm dependencies
        run: nix develop --command pnpm install
      - name: Check formatting
        run: nix develop --command pnpm run check-fmt
      - name: Lint
        run: nix develop --command pnpm run lint
      - name: Build
        run: nix develop --command pnpm run build
      - name: Run test suite
        run: nix develop --command pnpm run test
      - name: Package
        run: nix develop --command pnpm run package
      - name: Check git status
        run: git status --porcelain=v1
      - name: Ensure no staged changes
        run: git diff --exit-code