on:
  push:
    branches:
      - master

jobs:
  deploy:
    permissions:
      contents: read
      id-token: write
    name: build hive configuration
    runs-on: ubuntu-22.04
    steps:
      - uses: cachix/install-nix-action@v31
      - uses: actions/checkout@v4
      - name: Install SSH key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_KEY }}
          known_hosts: ${{ secrets.KNOWN_HOSTS }}
      - uses: http://github.com/cachix/cachix-action@v16
        with:
          name: colmena
      - run: nix run .#colmena apply