name: Cleanup Branches (Merged or Closed)

on:
  schedule:
    - cron: "0 3 * * *"   # daily at 03:00 UTC
  workflow_dispatch:

permissions:
  contents: write
  pull-requests: read

jobs:
  cleanup:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Delete merged or closed branches older than 7 days
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          set -euo pipefail

          CUTOFF_DATE=$(date -u -d "7 days ago" +%s)

          echo "Cutoff timestamp: $CUTOFF_DATE"

          gh pr list \
            --state all \
            --base main \
            --json number,state,mergedAt,closedAt,headRefName \
            --limit 500 |
          jq -r '.[] | select(.state == "MERGED" or .state == "CLOSED") | .headRefName' |
          sort -u |
          while read -r branch; do
            # Schutz
            case "$branch" in
              main|master|develop)
                echo "Skipping protected branch: $branch"
                continue
                ;;
            esac

            echo "Checking if branch still exists: $branch"
            if gh api -X GET repos/${{ github.repository }}/git/refs/heads/$branch 2>/dev/null; then
              CLOSED_OR_MERGED_TS=$(date -d "$branch" +%s 2>/dev/null || date +%s)

              if [ "$CLOSED_OR_MERGED_TS" -lt "$CUTOFF_DATE" ]; then
                echo "Deleting branch: $branch"
                gh api \
                  -X DELETE \
                  repos/${{ github.repository }}/git/refs/heads/$branch \
                  || echo "Failed to delete branch $branch"
              else
                echo "Keeping branch: $branch (recent)"
              fi
            else
              echo "Branch $branch does not exist (already deleted)"
            fi
          done