name: cachix

on:
  pull_request:
    branches: [ "main" ]
  push:
    branches: ["main"]
  workflow_dispatch:
    inputs:
      target_branch:
        description: "Target branch to upload cachix"
        type: string
        required: true

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
      - uses: cachix/install-nix-action@v27
        with:
          extra_nix_config: |
            access-tokens = github.com=${{ github.token }}
      - uses: cachix/cachix-action@v15
        with:
          name: nixsgx
          authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
      - name: Enable magic Nix cache
        uses: DeterminateSystems/magic-nix-cache-action@main

      - name: nix build
        run: nix run github:nixos/nixpkgs/nixos-23.11#nixci

      - name: manual cachix upload
        run: |
          a=($(nix flake show --accept-flake-config --json | jq -r ".packages.\"x86_64-linux\" | keys | @sh" | tr -d \\\' ))
          nix build --accept-flake-config --json "${a[@]/#/.#}" | jq -r '.[].outputs | to_entries[].value' | cachix push nixsgx