name: Update flake.lock

on:
  schedule:
    # run every saturday
    - cron: '0 0 * * 6'
  workflow_dispatch:

jobs:
  update:
    name: Run update
    runs-on: ubuntu-latest

    permissions:
      contents: write
      pull-requests: write

    env:
      PR_BRANCH: 'update-lockfiles'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@v11

      - name: Set Git user info
        run: |
          git config user.name 'github-actions[bot]'
          git config user.email 'github-actions[bot]@users.noreply.github.com'

      - name: Update flake inputs
        run: |
          nix flake update \
            --commit-lock-file \
            --commit-lockfile-summary "nix: update flake.lock"

      - name: Create PR
        id: cpr
        uses: peter-evans/create-pull-request@v6
        with:
          base: 'main'
          branch: 'update-locks'
          delete-branch: true
          title: 'chore(nix): update lockfiles'
          body: 'Automated pull request to update flake locks'

      - name: Enable Pull Request Automerge
        if: steps.cpr.outputs.pull-request-operation == 'created'
        uses: peter-evans/enable-pull-request-automerge@v3
        with:
          pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
          merge-method: rebase