name: release

on:
  push:
    branches:
      - master

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Setup Node.js
        uses: actions/setup-node@v2.1.1
        with:
          node-version: 14

      - name: Cache Node.js modules
        uses: actions/cache@v2
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      - name: Install dependencies
        run: npm ci
        env:
          SKIP_BUILD: true

      - name: Lint
        run: npm run lint -- --no-fix

  release:
    needs: test

    runs-on: ubuntu-latest

    outputs:
      published: ${{ steps.release.outputs.published }}
      release-version: ${{ steps.release.outputs.release-version }}
      release-version-major: ${{ steps.release.outputs.release-version-major }}
      release-version-minor: ${{ steps.release.outputs.release-version-minor }}

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Cache Node.js modules
        uses: actions/cache@v2
        with:
          path: ~/.npm
          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
          restore-keys: |
            ${{ runner.os }}-node-

      - name: Install dependencies
        run: npm ci
        env:
          SKIP_BUILD: true

      - name: Turnstyle
        uses: softprops/turnstyle@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Semantic release
        id: release
        uses: ahmadnassri/action-semantic-release@v1
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          npm_config_unsafe_perm: true

  alias:
    needs: release
    if: needs.release.outputs.published == 'true'
    runs-on: ubuntu-latest
    strategy:
      matrix:
        alias:
          - version: v${{ needs.release.outputs.release-version-major }}
          - version: v${{ needs.release.outputs.release-version-major }}.${{ needs.release.outputs.release-version-minor }}

    steps:
      - name: Recreate tag
        uses: actions/github-script@v3
        with:
          script: |
            const tag = 'tags/${{ matrix.alias.version }}'
            const repo = {
              owner: context.repo.owner,
              repo: context.repo.repo
            }
            await github.git.deleteRef({ ...repo, ref: tag }).catch(() => {})
            await github.git.createRef({ ...repo, ref: `refs/${tag}` , sha: process.env.GITHUB_SHA })

  docker:
    needs: release
    if: needs.release.outputs.published == 'true'
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        dockerfile:
          - Dockerfile
          - Dockerfile.web
        include:
          - dockerfile: Dockerfile
            docker-image: ${{ github.event.repository.full_name }}
          - dockerfile: Dockerfile.web
            docker-image: ${{ github.event.repository.full_name }}web

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      - name: Prepare
        id: prep
        run: |
          echo ::set-output name=build-date::$(date -u +'%Y-%m-%dT%H:%M:%SZ')

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1
        with:
          platforms: all

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v1
        with:
          version: latest

      - name: Available platforms
        run: echo ${{ steps.buildx.outputs.platforms }}

      - name: Cache Docker layers
        uses: actions/cache@v2
        id: cache
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-docker-${{ matrix.dockerfile }}-${{ hashFiles('**/package-lock.json') }}-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-docker-${{ matrix.dockerfile }}-${{ hashFiles('**/package-lock.json') }}
            ${{ runner.os }}-docker-${{ matrix.dockerfile }}-
            ${{ runner.os }}-docker-

      - name: Login to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Build and push
        id: docker-build
        uses: docker/build-push-action@v2
        with:
          push: true
          builder: ${{ steps.buildx.outputs.name }}
          context: .
          file: ./${{ matrix.dockerfile}}
          platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
          tags: |
            ${{ matrix.docker-image }}:latest
            ${{ matrix.docker-image }}:${{ needs.release.outputs.release-version }}
            ${{ matrix.docker-image }}:v${{ needs.release.outputs.release-version-major }}
          cache-from: type=local,src=/tmp/.buildx-cache
          cache-to: type=local,dest=/tmp/.buildx-cache,mode=max
          build-args: |
            VERSION=${{ needs.release.outputs.release-version }}
            BUILD_DATE=${{ steps.prep.outputs.build-date }}
            REVISION=${{ github.sha }}

      - name: Update repo description
        uses: peter-evans/dockerhub-description@v2
        env:
          DOCKERHUB_USERNAME: ${{ secrets.DOCKER_USERNAME }}
          DOCKERHUB_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
          DOCKERHUB_REPOSITORY: ${{ matrix.docker-image }}

      - name: Inspect
        run: |
          docker buildx imagetools inspect ${{ matrix.docker-image }}:${{ needs.release.outputs.release-version }}

      - name: Image digest
        run: echo ${{ steps.docker-build.outputs.digest }}

      - name: Cache hit
        run: echo ${{ steps.cache.outputs.cache-hit }}

      - name: Dump context
        if: always()
        uses: crazy-max/ghaction-dump-context@v1