name: crane

on:
  pull_request:
    branches: [main]
  push:
    branches: [main]
  schedule:
    - cron: 0 0 * * 1

concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref && github.ref || github.run_id }}
  cancel-in-progress: true

env:
  CARGO_TERM_COLOR: always

jobs:
  check-dependencies:
    name: check-dependencies
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      actions: write

    strategy:
      matrix:
        system: [x86_64-linux]
        check-type: [my-crate-fmt, my-crate]

    steps:
      - uses: actions/checkout@v3
      - uses: nixbuild/nix-quick-install-action@v32
        with:
          nix_conf: |
            keep-env-derivations = true
            keep-outputs = true

      - name: Restore Nix store cache
        id: cache-nix-restore
        uses: nix-community/cache-nix-action/restore@v6
        with:
          primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
          restore-prefixes-first-match: nix-${{ runner.os }}-

      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client login nex https://nix.nexveridian.com ${{ secrets.ATTIC_TOKEN }} || true
      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client cache create ark-invest-api-rust || true
      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client use ark-invest-api-rust || true

      - run: nix build -I nixpkgs=channel:nixos-unstable nixpkgs#nix-fast-build
      - name: Save Nix store cache
        id: cache-nix-save
        uses: nix-community/cache-nix-action/save@v6
        with:
          primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
          gc-max-store-size-linux: 2G
          purge: true
          purge-prefixes: nix-${{ runner.os }}-
          purge-created: 0
          purge-last-accessed: 0
          purge-primary-key: never

      - name: check
        run: |
          nix run -I nixpkgs=channel:nixos-unstable nixpkgs#nix-fast-build -- --flake ".#checks.$(nix eval --raw --impure --expr builtins.currentSystem).${{ matrix.check-type }}" --no-nom --skip-cached

      - name: Push to attic
        if: always()
        run: |
          for i in {1..10}; do
            nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client push ark-invest-api-rust /nix/store/*/ && break || [ $i -eq 5 ] || sleep 5
          done

  check-matrix:
    name: check-matrix
    needs: check-dependencies
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      actions: write

    strategy:
      fail-fast: false
      matrix:
        system: [x86_64-linux]
        check-type: [my-crate-clippy, my-crate-nextest]

    steps:
      - uses: actions/checkout@v3
      - uses: nixbuild/nix-quick-install-action@v32
        with:
          nix_conf: |
            keep-env-derivations = true
            keep-outputs = true

      - name: Restore Nix store cache
        id: cache-nix-restore
        uses: nix-community/cache-nix-action/restore@v6
        with:
          primary-key: nix-${{ runner.os }}-${{ hashFiles('**/*.nix', '**/flake.lock') }}
          restore-prefixes-first-match: nix-${{ runner.os }}-

      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client login nex https://nix.nexveridian.com ${{ secrets.ATTIC_TOKEN }} || true
      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client cache create ark-invest-api-rust || true
      - run: nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client use ark-invest-api-rust || true

      - name: check
        run: |
          nix run -I nixpkgs=channel:nixos-unstable nixpkgs#nix-fast-build -- --flake ".#checks.$(nix eval --raw --impure --expr builtins.currentSystem).${{ matrix.check-type }}" --no-nom --skip-cached

      - name: Push to attic
        if: always()
        run: |
          for i in {1..10}; do
            nix run -I nixpkgs=channel:nixos-unstable nixpkgs#attic-client push ark-invest-api-rust /nix/store/*/ && break || [ $i -eq 5 ] || sleep 5
          done