name: Build release

on:
  push:
    tags: 'v*'

jobs:
  release:
    runs-on: self-hosted
    # root is used for testing, allow it
    if: secrets.ROLE == 'forgejo-integration' || github.repository_owner == 'root'
    steps:
      - uses: actions/checkout@v3

      - id: verbose
        run: |
          # if there are no secrets, be verbose
          if test -z "${{ secrets.TOKEN }}"; then
            value=true
          else
            value=false
          fi
          echo "value=$value" >> "$GITHUB_OUTPUT"

      - id: repository
        run: |
          set -x # comment out
          repository="${{ github.repository }}"
          echo "value=${repository##*/}" >> "$GITHUB_OUTPUT"

      - name: when in a test environment, create a token
        id: token
        if: ${{ secrets.TOKEN == '' }}
        run: |
          set -x # comment out
          apt-get -qq install -y jq
          url="${{ env.GITHUB_SERVER_URL }}"
          hostport=${url##http*://}
          hostport=${hostport%%/}
          doer=root
          api=http://$doer:admin1234@$hostport/api/v1/users/$doer/tokens
          curl -sS -X DELETE $api/release
          token=$(curl -sS -X POST -H 'Content-Type: application/json' --data-raw '{"name": "release", "scopes": ["all"]}' $api | jq --raw-output .sha1)
          echo "value=${token}" >> "$GITHUB_OUTPUT"

      - name: build container & release (when TOKEN secret is not set)
        if: ${{ secrets.TOKEN == '' }}
        uses: ./.forgejo/actions/build-release
        with:
          forgejo: "${{ env.GITHUB_SERVER_URL }}"
          owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          repository: "${{ steps.repository.outputs.value }}"
          doer: root
          ref_name: "${{ github.ref_name }}"
          token: ${{ steps.token.outputs.value }}
          platforms: linux/amd64,linux/arm64,linux/arm/v6
          binary-name: forgejo
          binary-path: /app/gitea/gitea
          verbose: ${{ steps.verbose.outputs.value }}

      - name: build rootless container (when TOKEN secret is not set)
        if: ${{ secrets.TOKEN == '' }}
        uses: ./.forgejo/actions/build-release
        with:
          forgejo: "${{ env.GITHUB_SERVER_URL }}"
          owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          repository: "${{ steps.repository.outputs.value }}"
          doer: root
          ref_name: "${{ github.ref_name }}"
          token: ${{ steps.token.outputs.value }}
          platforms: linux/amd64,linux/arm64,linux/arm/v6
          suffix: -rootless
          dockerfile: Dockerfile.rootless
          verbose: ${{ steps.verbose.outputs.value }}

      - name: build container & release (when TOKEN secret is set)
        if: ${{ secrets.TOKEN != '' }}
        uses: ./.forgejo/actions/build-release
        with:
          forgejo: "${{ env.GITHUB_SERVER_URL }}"
          owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          repository: "${{ steps.repository.outputs.value }}"
          doer: "${{ secrets.DOER }}"
          ref_name: "${{ github.ref_name }}"
          token: "${{ secrets.TOKEN }}"
          platforms: linux/amd64,linux/arm64,linux/arm/v6
          binary-name: forgejo
          binary-path: /app/gitea/gitea
          verbose: ${{ steps.verbose.outputs.value }}

      - name: build rootless container (when TOKEN secret is set)
        if: ${{ secrets.TOKEN != '' }}
        uses: ./.forgejo/actions/build-release
        with:
          forgejo: "${{ env.GITHUB_SERVER_URL }}"
          owner: "${{ env.GITHUB_REPOSITORY_OWNER }}"
          repository: "${{ steps.repository.outputs.value }}"
          doer: "${{ secrets.DOER }}"
          ref_name: "${{ github.ref_name }}"
          token: "${{ secrets.TOKEN }}"
          platforms: linux/amd64,linux/arm64,linux/arm/v6
          suffix: -rootless
          dockerfile: Dockerfile.rootless
          verbose: ${{ steps.verbose.outputs.value }}