name: Cleanup Branches (Merged or Closed)

on:
  schedule:
    - cron: "0 3 * * *"   # daily at 03:00 UTC
  workflow_dispatch:

permissions:
  contents: write
  pull-requests: read

jobs:
  cleanup:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Delete merged or closed branches older than 7 days
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          set -euo pipefail

          CUTOFF_DATE=$(date -u -d "7 days ago" +%s)

          echo "Cutoff timestamp: $CUTOFF_DATE"

          gh pr list \
            --state all \
            --base main \
            --json number,state,mergedAt,closedAt,headRefName \
            --limit 500 |
          jq -r --arg cutoff "$CUTOFF_DATE" '.[] |
            select(.state == "MERGED" or .state == "CLOSED") |
            select(((.mergedAt // .closedAt) | fromdateiso8601) < ($cutoff | tonumber)) |
            .headRefName' |
          sort -u |
          while read -r branch; do
            # Schutz
            case "$branch" in
              main|master|develop)
                echo "Skipping protected branch: $branch"
                continue
                ;;
            esac

            echo "Checking if branch still exists: $branch"
            if gh api -X GET repos/${{ github.repository }}/git/refs/heads/$branch 2>/dev/null; then
              echo "Deleting branch: $branch"
              gh api \
                -X DELETE \
                repos/${{ github.repository }}/git/refs/heads/$branch \
                || echo "Failed to delete branch $branch"
            else
              echo "Branch $branch does not exist (already deleted)"
            fi
          done