feat: add secure_push action #4

	on:
	push:
	branches:
	- testing

	jobs:
	secure-push:
	name: Secure Push
	runs-on: ubuntu-22.04
	steps:
	- uses: cachix/install-nix-action@v27

	- name: Checkout repository
	run: \|
	git clone -b testing \
	https://${{ github.token }}@github.com/${{ github.repository }}

	- name: Check commit bugs
	working-directory: $(basename "${{ github.repository }}")
	run: \|
	BUGED_COMMIT=$(
	git log --name-status HEAD^..HEAD \
	\| grep "feat: Update/Upload" \
	\| grep " package"
	)
	PKGS_CONTENT=$(
	ls ./pkgs/
	)
	MODULES_CONTENT=$(
	ls ./pkgs/
	)
	REPO_CONTENT=$(
	ls ./
	)

	if [[
	"${BUGED_COMMIT}x" != "x"
	\|\| "${PKGS_CONTENT}x" == "x"
	\|\| "${PKGS_CONTENT}x" == "package.nixx"
	\|\| "${PKGS_CONTENT}x" == "default.nixx"
	\|\| "${PKGS_CONTENT}x" == "flake.nixx"
	\|\| "${MODULES_CONTENT}x" == "x"
	\|\| "${MODULES_CONTENT}x" == "package.nixx"
	\|\| "${MODULES_CONTENT}x" == "default.nixx"
	\|\| "${MODULES_CONTENT}x" == "flake.nixx"
	\|\| "${REPO_CONTENT}x" == "x"
	\|\| "${REPO_CONTENT}x" == "package.nixx"
	\|\| "${REPO_CONTENT}x" == "default.nixx"
	\|\| "${REPO_CONTENT}x" == "flake.nixx"
	]]; then
	git reset --hard HEAD^
	git push origin -f

	exit 1
	fi

	- name: Build test
	working-directory: $(basename "${{ github.repository }}")
	run: \|
	EDIT_FILE=$(
	git diff --name-only HEAD^..HEAD \| grep "pkgs/" \| grep "package.nix" \| uniq
	)

	if [ "${PACKAGE_COMMIT}x" == "x" ] && \
	exit 0

	for FILE in "${EDIT_FILE}"; do
	nix-build -E 'with import <nixpkgs> {}; callPackage ./${FILE} {}'
	done

Provide feedback