name: Update flake.lock

on:
  schedule:
    # run every saturday
    - cron: "0 0 * * 6"
  workflow_dispatch:

jobs:
  update:
    name: Run update
    runs-on: ubuntu-latest

    permissions:
      contents: write

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@v13

      - name: Update flake.lock & make PR
        uses: DeterminateSystems/update-flake-lock@v23
        id: update
        with:
          commit-msg: "nix: update flake.lock"
          pr-title: "nix: update flake.lock"
          token: ${{ secrets.MERGE_TOKEN }}

      - name: Enable auto-merge
        if: env.PR_ID != ''
        run: gh pr merge --auto --squash "$PR_ID"
        env:
          GH_TOKEN: ${{ github.token}}
          PR_ID: ${{ steps.update.outputs.pull-request-number }}