name: tasks-container-update
on:
  schedule:
    - cron: '0 2 * * 1'
  # can be run manually on https://github.com/cockpit-project/starter-kit/actions
  workflow_dispatch:
jobs:
  tasks-container-update:
    runs-on: ubuntu-latest
    permissions:
      contents: write
      pull-requests: write
      statuses: write
    container:
      image: ghcr.io/cockpit-project/tasks
      options: --user root
    steps:
      - name: Set up configuration and secrets
        run: |
          printf '[user]\n\tname = Cockpit Project\n\temail=cockpituous@gmail.com\n' > ~/.gitconfig
          mkdir -p ~/.config
          echo '${{ secrets.GITHUB_TOKEN }}' > ~/.config/github-token

      - name: Clone repository
        uses: actions/checkout@v4

      # https://github.blog/2022-04-12-git-security-vulnerability-announced/
      - name: Pacify git's permission check
        run: git config --global --add safe.directory /__w/starter-kit/starter-kit

      - name: Run tasks-container-update
        run: |
          make bots
          bots/tasks-container-update