name: update-flake-lock
on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 6"

jobs:
  lockfile:
    runs-on: self-hosted
    permissions:
      actions: write
      contents: write
      pull-requests: write
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Update flake.lock
        run: nix flake update
      - name: Create or update flake.lock PR
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          GITEA_URL: https://gitea.tmmworkshop.com
        run: >-
          nix develop .#devShells.x86_64-linux.default -c
          python -m python.gitea_flake_lock update
          --repo "${{ github.repository }}"