.github/workflows/build.yml

name: build-release

on:
  create:
    branches: [ 'release/**' ] ## To create a release PR
  push:
    branches: [ main ]
    tags: [ 'v*' ]
    paths-ignore:
      - '.github/ISSUE_TEMPLATE/**'
      - '.github/*.yml'
      - '*.md'
      - 'LICENSE'
  pull_request:
    types: [ opened, synchronize, reopened, closed ]
    branches: [ main ]

env:
  ENABLE_TEST: true
  ENABLE_GH_MAVEN: true
  ENABLE_GRADLE_PLUGIN: true
  ENABLE_SONAR: true

jobs:
  context:
    runs-on: ubuntu-latest
    outputs:
      branch: ${{ steps.context.outputs.branch }}
      shouldBuild: ${{ steps.context.outputs.decision_build }}
      shouldPublish: ${{ steps.context.outputs.decision_publish }}
      isRelease: ${{ steps.context.outputs.isTag && steps.context.outputs.onRelease }}
      version: ${{ steps.context.outputs.version }}
      commitId: ${{ steps.context.outputs.commitShortId }}
      semanticVersion: ${{ steps.semantic.outputs.semanticVersion }}

    steps:
      - uses: actions/checkout@v4
        with:
          token: ${{ secrets.BEEIO_CI_TOKEN }}

      - name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          git_user_signingkey: true
          git_commit_gpgsign: true
          git_tag_gpgsign: true
          git_push_gpgsign: false
          gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }}

      - name: Project context
        id: context
        uses: zero88/gh-project-context@v2
        with:
          changelog: true
          mustSign: true
          nextVerMode: MINOR
          token: ${{ secrets.BEEIO_CI_TOKEN }}

      - name: Find semantic version
        id: semantic
        shell: bash
        run: |
          [[ "${{ steps.context.outputs.isTag }}" == "true" ]] && sv="" || sv=$(grep semanticVersion gradle.properties | cut -d'=' -f2)
          echo semanticVersion=$sv >> $GITHUB_OUTPUT

  build:
    runs-on: ubuntu-latest
    needs: context
    if: needs.context.outputs.shouldBuild == 'true'
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 17
          cache: 'gradle'

      - name: Cache Gradle packages
        uses: actions/cache@v4
        with:
          path: |
            ~/.gradle/caches
            ~/.gradle/wrapper
          key: ${{ runner.os }}-gradle-build-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: ${{ runner.os }}-gradle-build

      - name: Build
        run: |
          ./gradlew clean build -x test \
                          -Pversion=${{ needs.context.outputs.version }} \
                          -PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \
                          -PbuildBy="GitHub Action" \
                          -PbuildHash=${{ needs.context.outputs.commitId }} \
                          --no-daemon

      - name: Cache SonarCloud packages
        uses: actions/cache@v4
        if: env.ENABLE_TEST == 'true'
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-gradle-sonar-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
          restore-keys: ${{ runner.os }}-gradle-sonar

      - name: Test
        if: env.ENABLE_TEST == 'true'
        run: ./gradlew test

      - name: SonarQube
        if: needs.context.outputs.shouldPublish == 'true' && env.ENABLE_TEST == 'true' && env.ENABLE_SONAR == 'true'
        run: |
          ./gradlew sonarqube --info -x test \
            -Dsonar.branch.name=${{ needs.context.outputs.branch }} \
            -Dorg.gradle.jvmargs="-Xmx2g -XX:MaxMetaspaceSize=512m -XX:+HeapDumpOnOutOfMemoryError"
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.OSS_SONARQUBE_TOKEN }}

  publish-snapshot:
    name: Publish to Sonatype OSSRH
    runs-on: ubuntu-latest
    needs: [ build, context ]
    if: needs.context.outputs.shouldPublish == 'true' && needs.context.outputs.isRelease != 'true'
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 11
          cache: 'gradle'

      - name: Publish
        run: |
          args=( -Pversion=${{ needs.context.outputs.version }} \
                 -PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \
                 -Pnexus.username=${{ secrets.ORG_NEXUS_USER }} \
                 -Pnexus.password=${{ secrets.ORG_NEXUS_TOKEN }} )
          ./gradlew publishToSonatype "${args[@]}"

  publish-release:
    name: Release to Sonatype OSSRH
    runs-on: ubuntu-latest
    needs: [ build, context ]
    if: needs.context.outputs.isRelease == 'true'
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 11
          cache: 'gradle'

      - name: Import GPG key
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          git_user_signingkey: true
          gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }}

      - name: Publish
        run: |
          args=( -Pversion=${{ needs.context.outputs.version }} \
                 -PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \
                 -PbuildBy="GitHub Action" \
                 -PbuildHash=${{ needs.context.outputs.commitId }} \
                 -Psigning.gnupg.homeDir=/home/runner/.gnupg \
                 -Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \
                 -Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \
                 -Pnexus.username=${{ secrets.ORG_NEXUS_USER }} \
                 -Pnexus.password=${{ secrets.ORG_NEXUS_TOKEN }} )
          ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository -Prelease "${args[@]}"

  publish-plugin:
    name: Release to Gradle plugin
    runs-on: ubuntu-latest
    needs: [ build, context ]
    if: needs.context.outputs.isRelease == 'true'
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 11
          cache: 'gradle'

      - name: Import GPG key
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          git_user_signingkey: true
          gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }}

      - name: Publish Gradle plugin
        if: env.ENABLE_GRADLE_PLUGIN == 'true'
        run: |
          ./gradlew publishPlugins \
                  -Prelease \
                  -Pversion=${{ needs.context.outputs.version }} \
                  -PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \
                  -PbuildBy="GitHub Action" -PbuildHash=${{ needs.context.outputs.commitId }} \
                  -Psigning.gnupg.homeDir=/home/runner/.gnupg \
                  -Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \
                  -Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \
                  -Pgradle.publish.key=${{ secrets.OSS_GRADLE_KEY }} \
                  -Pgradle.publish.secret=${{ secrets.OSS_GRADLE_SECRET }}

  publish-github:
    name: Release to GitHub Package
    runs-on: ubuntu-latest
    needs: [ build, context ]
    if: needs.context.outputs.isRelease == 'true'
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 11
          cache: 'gradle'

      - name: Import GPG key
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v6
        with:
          git_user_signingkey: true
          gpg_private_key: ${{ secrets.OSS_GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.OSS_GPG_PASSPHARSE }}

      - name: Publish GitHub Package
        if: env.ENABLE_GH_MAVEN == 'true'
        run: |
          args=( -Pversion=${{ needs.context.outputs.version }} \
                 -PsemanticVersion=${{ needs.context.outputs.semanticVersion }} \
                 -PbuildBy="GitHub Action" -PbuildHash=${{ needs.context.outputs.commitId }} \
                 -Psigning.gnupg.homeDir=/home/runner/.gnupg \
                 -Psigning.gnupg.keyName=${{ steps.import_gpg.outputs.keyid }} \
                 -Psigning.gnupg.passphrase=${{ secrets.OSS_GPG_PASSPHARSE }} \
                 -Pnexus.username=${{ github.repository_owner }} \
                 -Pnexus.password=${{ secrets.BEEIO_CI_TOKEN }} )
          args+=( -Pgithub )
          ./gradlew publishToGitHub -Prelease "${args[@]}"

  release:
    runs-on: ubuntu-latest
    needs: [ build, context, publish-release, publish-plugin, publish-github ]
    if: needs.context.outputs.isRelease == 'true'
    steps:
      - name: Create GitHub Release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ needs.context.outputs.branch }}
          release_name: Release ${{ needs.context.outputs.branch }}
          generate_release_notes: true