name: Generate dpp.dev sitemap
on:
  schedule:
    - cron: '0 6 * * 6'

permissions:
  contents: read

jobs:
  updater:
    permissions:
      contents: write # Needs to be able to write to the repo.
    name: Generate Sitemap
    if: github.repository == 'brainboxdotcc/DPP'
    runs-on: ubuntu-20.04

    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
        with:
          egress-policy: audit

      - name: Checkout github pages repository
        run: git config --global user.email "robot@dpp.dev" && git config --global user.name "D++ Sitemap Updater Bot" && git clone https://braindigitalis:$PERSONAL_ACCESS_TOKEN@github.com/brainboxdotcc/dpp-web.git /home/runner/dpp-web 
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

      - name: Install sitemap-generator
        run: npm install -g sitemap-generator-cli

      - name: Run sitemap-generator
        run: cd /home/runner/dpp-web && npx sitemap-generator --no-respect-robots-txt --verbose https://dpp.dev/

      - name: commit and push
        run: cd /home/runner/dpp-web && git add sitemap.xml && git commit -am "Update sitemap" && git pull --ff && git push
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}