name: Update nix hashes

on:
  push:
    branches-ignore:
      - master
    tags-ignore:
      - '**'

jobs:
  update-hash:
    if: github.actor != 'dependabot[bot]'
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
      with:
        # This is needed to be able to push and trigger CI with that push
        token: ${{ secrets.NIV_UPDATER_TOKEN }}
    - uses: cachix/install-nix-action@v22
      with:
        nix_path: nixpkgs=channel:nixos-22.11
    - uses: cachix/cachix-action@v12
      with:
        name: ic-hs-test
        authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
    - name: Update drun cargo hash
      run: |
        cd nix
        nix shell -f . nix-update -c nix-update --version=skip drun
    - name: Update ic-wasm cargo hash
      run: |
        nix shell -f default.nix nix-update -c nix-update --version=skip ic-wasm
    - name: Commit changes
      uses: EndBug/add-and-commit@v9.1.3
      with:
        default_author: github_actions
        author_name: Nix hash updater
        github_token: ${{ secrets.NIV_UPDATER_TOKEN }}
        committer_name: GitHub Actions
        committer_email: actions@github.com
        message: "Updating nix hashes"