name: Host Maintenance

on:
  schedule:
    - cron: "0 3 * * *"   # täglich 03:00
  workflow_dispatch:      # manuell startbar

jobs:
  maintenance:
    name: Update host system
    runs-on: gitea-runner   # MUSS exakt zum Runner-Label passen

    steps:
      # --- Debug / Sicherheit ---
      - name: Show workflow context
        run: |
          echo "Branch: $(git branch --show-current)"
          echo "Commit: $(git rev-parse HEAD)"
          echo "User:       $(whoami)"
          echo "Host:       $(hostname)"
          echo "Date:       $(date)"


      # --- Sicherheitsbremse ---
      - name: Ensure correct branch
        run: |
          BRANCH="$(git branch --show-current)"
          if [ "$BRANCH" != "main" ]; then
            echo "❌ This workflow must run on main (current: $BRANCH)"
            exit 1
          fi

      # --- System Update ---
      - name: Update packages
        run: |
          sudo apt update
          sudo apt -y upgrade

      # --- Optional: Aufräumen ---
      - name: Cleanup
        run: |
          sudo apt -y autoremove
          sudo apt -y autoclean