name: Flake Update / Build

on:
  workflow_dispatch:
  schedule:
    # At minute 00:00 on Monday, Wednesday, and Friday.
    - cron: 0 0 * * 1,3,5

permissions:
  contents: write

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  build-minimal:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      # needed to access ghostty repo for now
      - name: Setup SSH
        uses: MrSquaare/ssh-setup-action@v3
        with:
            host: github.com
            private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - uses: daylin-bot/actions/setup@main
      - uses: ./.github/actions/clean-disk

      - run: git checkout -B flake-lock

      - uses: DeterminateSystems/nix-installer-action@v15
        with:
          source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
          extra-conf: |
            experimental-features = pipe-operator
            accept-flake-config = true

      - name: Install and login to attic cache
        run: |
          nix profile install "nixpkgs#attic-client"
          attic login oizys https://attic.dayl.in "${{ secrets.ATTIC_TOKEN }}"

      # - uses: cachix/cachix-action@v15
      #   with:
      #     name: daylin
      #     authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"

      - name: Update nix flake
        run: |
          nix flake update --commit-lock-file
          printf '# Flake Lock\n\n```txt\n%s```\n' \
            "$(git show -s --format='%B')" \
            >> $GITHUB_STEP_SUMMARY

      - name: Pre-build oizys
        run: |
          nix build .
          attic push oizys result

      - name: Build
        run: >
          nix run .
          --
          cache
          --host "othalan"
          --flake .
          --debug
          # --
          # --print-build-logs

      - name: Commit Updates
        uses: daylin-bot/actions/commit-and-push@main
        with:
          push-args: --set-upstream --force origin flake-lock

  build-full:
    needs: build-minimal
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        host:
          - othalan
          - algiz
          - mannaz
          - naudiz
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      # needed to access ghostty repo for now
      - name: Setup SSH
        uses: MrSquaare/ssh-setup-action@v3
        with:
            host: github.com
            private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - uses: DeterminateSystems/nix-installer-action@v15
        with:
          source-url: https://install.lix.systems/lix/lix-installer-x86_64-linux
          extra-conf: |
            experimental-features = pipe-operator
            accept-flake-config = true

      - uses: ./.github/actions/clean-disk
        with:
          purge-packages: 'true'

      - name: Pre-build oizys
        run: nix build .


      - name: Build
        run: >
          nix run .
          --
          build
          "$(nix run . -- output --host "${{ matrix.host }}" --flake .)"
          --flake .
          --debug
          --
          --keep-going
          # --print-build-logs
          --out-link current

      - run: git checkout flake-lock

      - name: Pre-build oizys
        run: nix build .

      - name: Build Updated
        run: >
          nix run .
          --
          build
          "$(nix run . -- output --host "${{ matrix.host }}" --flake .)"
          --flake .
          --debug
          --
          --keep-going
          # --print-build-logs
          --out-link updated

      - run: |
          echo "# System Diff" >> $GITHUB_STEP_SUMMARY
          nix run "nixpkgs#nvd" -- --color always diff ./current ./updated >> summary.md
          printf '```\n%s\n```\n' "$(nix run "nixpkgs#nvd" -- diff ./current ./updated)" >> $GITHUB_STEP_SUMMARY

      - run: df -h

      - uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.host }}-summary
          path: summary.md