name: Update Flake and Validate Build

on:
  schedule:
    - cron: "30 00 * * 1"
  workflow_dispatch: # Allow manual triggering

jobs:
  build-and-update:
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
      fail-fast: false # Continue with other jobs even if one fails
    
    runs-on: ${{ matrix.os }}
    
    steps:
      - name: Repository Checkout
        uses: actions/checkout@v4

      - name: Install Nix
        uses: DeterminateSystems/nix-installer-action@v16

      - name: Build and Test Configuration
        id: build
        continue-on-error: true # Continue to next steps even if build fails
        run: |
          # Run the build and capture output
          OUTPUT=$(nix build .# 2>&1)
          echo "build_output<<EOF" >> $GITHUB_ENV
          echo "$OUTPUT" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV
          
          # Check if build succeeded
          if [ $? -eq 0 ]; then
            echo "build_status=success" >> $GITHUB_ENV
          else
            echo "build_status=failure" >> $GITHUB_ENV
          fi

      - name: Create Issue on Build Failure
        if: env.build_status == 'failure'
        uses: actions/github-script@v7
        with:
          script: |
            const os = '${{ matrix.os }}';
            const buildOutput = process.env.build_output;
            
            await github.rest.issues.create({
              owner: context.repo.owner,
              repo: context.repo.name,
              title: `🔨 Build Failed on ${os}`,
              body: `Build failed during automated validation on ${os}.
              
              <details>
              <summary>Build Output</summary>
              
              \`\`\`
              ${buildOutput}
              \`\`\`
              </details>
              
              Please review the build output and fix any issues.`,
              labels: ['build-failure', 'bug']
            });

      - name: Update flake.lock
        if: matrix.os == 'ubuntu-latest' && env.build_status == 'success'
        uses: DeterminateSystems/update-flake-lock@v24
        with:
          nix-options: --debug --log-format raw
          token: ${{ secrets.FLAKE_TOKEN }}
          pr-title: "deps: update flake.lock"
          pr-labels: |
            dependencies
            automated

      - name: Run Checks
        id: checks
        if: env.build_status == 'success'
        continue-on-error: true
        run: |
          # Run the checks and capture output
          OUTPUT=$(nix flake check 2>&1)
          echo "check_output<<EOF" >> $GITHUB_ENV
          echo "$OUTPUT" >> $GITHUB_ENV
          echo "EOF" >> $GITHUB_ENV
          
          # Check if checks succeeded
          if [ $? -eq 0 ]; then
            echo "check_status=success" >> $GITHUB_ENV
          else
            echo "check_status=failure" >> $GITHUB_ENV
          fi

      - name: Create Issue on Check Failure
        if: env.check_status == 'failure'
        uses: actions/github-script@v7
        with:
          script: |
            const os = '${{ matrix.os }}';
            const checkOutput = process.env.check_output;
            
            await github.rest.issues.create({
              owner: context.repo.owner,
              repo: context.repo.name,
              title: `⚠️ Checks Failed on ${os}`,
              body: `Checks failed during automated validation on ${os}.
              
              <details>
              <summary>Check Output</summary>
              
              \`\`\`
              ${checkOutput}
              \`\`\`
              </details>
              
              Please review the check output and fix any issues.`,
              labels: ['check-failure', 'bug']
            });