name: update nixpkgs inputs

on:
  schedule:
    # run daily at 0:00 utc
    - cron: "0 0 * * *"
  workflow_dispatch:

permissions: read-all

jobs:
  update-nixpkgs:
    runs-on: ubuntu-latest

    steps:
      - name: checkout repo
        uses: actions/checkout@v3

      - name: install nix
        uses: cachix/install-nix-action@v20
        with:
          github_access_token: ${{ secrets.GITHUB_TOKEN }}

      - name: update nixpkgs inputs
        uses: DeterminateSystems/update-flake-lock@v19
        with:
          inputs: nixpkgs nixpkgs-stable
          commit-msg: "chore: update nixpkgs inputs"
          pr-title: "chore: update nixpkgs inputs"
          pr-body: |
            Automated changes by the [update-flake-lock](https://github.com/DeterminateSystems/update-flake-lock) GitHub Action.

            ```
            ${{ env.GIT_COMMIT_MESSAGE }}
            ```

            bors r+
          nix-options: "--accept-flake-config"
          token: ${{ secrets.FLAKE_UPDATE }}