name: Push packages to AsterNixOS's development cache on Cachix

on:
  workflow_dispatch:
  pull_request:
    paths:
      - .github/workflows/push_cachix_pkgs.yml
      - distro/**
  push:
    branches:
      - main
    paths:
      - .github/workflows/push_cachix_pkgs.yml
      - distro/**

jobs:
  push-pkgs:
    runs-on: ubuntu-4-cores-150GB-ssd
    container:
      image: asterinas/asterinas:0.17.0-20251228
      options: -v /dev:/dev --privileged
    timeout-minutes: 60
    steps:
      - uses: actions/checkout@v4

      - name: Modify configuration.nix to include xfce and podman
        run: |
          sed -i \
            -e 's/^[[:space:]]*# services\.xserver\.enable = true;/  services.xserver.enable = true;/' \
            -e 's/^[[:space:]]*# services\.xserver\.desktopManager\.xfce\.enable = true;/  services.xserver.desktopManager.xfce.enable = true;/' \
            -e 's/^[[:space:]]*# virtualisation\.podman\.enable = true;/  virtualisation.podman.enable = true;/' \
            distro/etc_nixos/configuration.nix

      - name: Build Asterinas NixOS patched packages (dry run)
        if: github.event_name == 'pull_request'
        run: |
          make kernel BOOT_PROTOCOL=linux-efi-handover64 || true
          make cachix

      - name: Build Asterinas NixOS patched packages and push to development cache
        if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
        run: |
          make kernel BOOT_PROTOCOL=linux-efi-handover64 || true
          export CACHIX_AUTH_TOKEN=${{ secrets.CACHIX_AUTH_TOKEN_FOR_DEV_CACHE }}
          make push_cachix 2>&1 | tee cachix.log || true
          tail --lines 10 cachix.log | grep -q -E "^(All done|Nothing to push)" || (echo "Push cachix failed" && exit 1)
          echo "Push cachix succeeds!"