env:
  CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
  CI_ALLOW_ROOT: '1'
  CI_CONFIG: ./ci/flake-cron.nix
  CI_PLATFORM: gh-actions
jobs:
  ci-check:
    name: flake-update check
    runs-on: ubuntu-latest
    steps:
    - id: checkout
      name: git clone
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
        submodules: false
    - id: nix-install
      name: nix install
      uses: arcnmx/ci/actions/nix/install@v0.7
    - id: ci-action-build
      name: nix build ci.gh-actions.configFile
      uses: arcnmx/ci/actions/nix/build@v0.7
      with:
        attrs: ci.gh-actions.configFile
        out-link: .ci/workflow.yml
    - id: ci-action-compare
      name: gh-actions compare
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        args: -u .github/workflows/flake-update.yml .ci/workflow.yml
        attrs: nixpkgs.diffutils
        command: diff
  flake-update:
    name: flake-update
    runs-on: ubuntu-latest
    steps:
    - id: checkout
      name: git clone
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
        submodules: false
    - id: nix-install
      name: nix install
      uses: arcnmx/ci/actions/nix/install@v0.7
    - env:
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
        NF_CONFIG_ROOT: ${{ github.workspace }}
        NF_UPDATE_CACHIX_PUSH: '1'
        NF_UPDATE_GIT_COMMIT: '1'
      id: flake-update
      name: flake update build
      run: nix run .#nf-update
    - id: ci-dirty
      name: nix test dirty
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.flake-update.run.test
        command: ci-build-dirty
        quiet: false
        stdout: ${{ runner.temp }}/ci.build.dirty
    - id: ci-test
      name: nix test build
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.flake-update.run.test
        command: ci-build-realise
        ignore-exit-code: true
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
    - env:
        CI_EXIT_CODE: ${{ steps.ci-test.outputs.exit-code }}
      id: ci-summary
      name: nix test results
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.flake-update.run.test
        command: ci-build-summarise
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.dirty
        stdout: ${{ runner.temp }}/ci.build.cache
    - env:
        CACHIX_SIGNING_KEY: ${{ secrets.CACHIX_SIGNING_KEY }}
      id: ci-cache
      if: always()
      name: nix test cache
      uses: arcnmx/ci/actions/nix/run@v0.7
      with:
        attrs: ci.job.flake-update.run.test
        command: ci-build-cache
        quiet: false
        stdin: ${{ runner.temp }}/ci.build.cache
name: flake-update
'on':
  pull_request:
    paths:
    - default.nix
    - ci/flake-cron.nix
    - .github/workflows/flake-update.yml
  push:
    paths:
    - default.nix
    - ci/flake-cron.nix
    - .github/workflows/flake-update.yml
  schedule:
  - cron: 0 0 * * *
  workflow_dispatch: {}