name: ci

on:
  push:
    paths:
      - "**.lock"
      - "**.nix"
      - "**.rs"
      - "**.toml"
  pull_request:
    paths:
      - "**.lock"
      - "**.nix"
      - "**.rs"
      - "**.toml"
  workflow_dispatch:

jobs:
  build:
    runs-on: ubuntu-latest

    permissions:
      contents: read
      packages: write

    strategy:
      matrix:
        output: [teawiebot, container]

    env:
      REGISTRY: ghcr.io

    steps:
      - uses: actions/checkout@v3

      - uses: cachix/install-nix-action@v19
        with:
          github_access_token: ${{ secrets.GITHUB_TOKEN }}

      - name: login to ghcr
        if: ${{ matrix.output == 'container' && github.ref == 'refs/heads/main' }}
        uses: docker/login-action@v2
        with:
          registry: ${{ env.REGISTRY }}
          username: "getchoo"
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: build
        run: |
          nix build -L .#${{ matrix.output }}

      - name: upload to ghcr
        if: ${{ matrix.output == 'container' && github.ref == 'refs/heads/main' }}
        run: |
          docker load < result
          docker tag teawiebot:latest ghcr.io/getchoo/teawiebot:latest
          docker push ghcr.io/getchoo/teawiebot:latest