name: Synchronize IDs

on:
  workflow_dispatch:
  schedule:
    # daily run on default "main" branch
    - cron: '30 1 * * *'

jobs:
  sync-ids:
    name: Synchronize IDs
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4

    - name: Cache cargo bin
      uses: actions/cache@v4
      with:
        path: ~/.cargo/bin
        key: rustsec-admin-v0.8.9

    - name: Install rustsec-admin
      run: |
        VERSION="0.8.9"
        if ! ( rustsec-admin --version | grep -q "$VERSION" ); then
          cargo install rustsec-admin --force --vers "$VERSION"
        fi

    - name: Synchronize IDs
      id: sync_ids
      run: |
        mkdir -p /tmp/osv
        curl --silent --output /tmp/osv/advisories.zip https://osv-vulnerabilities.storage.googleapis.com/crates.io/all.zip
        unzip -d /tmp/osv -q /tmp/osv/advisories.zip
        rustsec-admin sync --osv /tmp/osv/ .
        message="Synchronize IDs ($(date +%F))"
        echo "commit_message=${message}" >> $GITHUB_OUTPUT

    - name: Create pull request
      uses: peter-evans/create-pull-request@v6
      with:
        token: ${{ secrets.GITHUB_TOKEN }}
        commit-message: ${{ steps.sync_ids.outputs.commit_message }}
        title: ${{ steps.sync_ids.outputs.commit_message }}
        branch: sync-ids