name: Release

on:
  schedule:
    - cron: '0 9 * * *'

  workflow_dispatch:
    inputs:
      web:
        description: 'Release Web?'
        required: true
        type: boolean
        default: false
      desktop:
        description: 'Release Desktop?'
        required: true
        type: boolean
        default: false
      mobile:
        description: 'Release Mobile?'
        required: true
        type: boolean
        default: false
      ios-app-version:
        description: 'iOS App Store Version (Optional, use tag version if empty)'
        required: false
        type: string

permissions:
  contents: write
  pull-requests: write
  actions: write
  id-token: write
  packages: write
  security-events: write
  attestations: write
  issues: write

jobs:
  prepare:
    name: Prepare
    runs-on: ubuntu-latest
    outputs:
      APP_VERSION: ${{ steps.prepare.outputs.APP_VERSION }}
      GIT_SHORT_HASH: ${{ steps.prepare.outputs.GIT_SHORT_HASH }}
      BUILD_TYPE: ${{ steps.prepare.outputs.BUILD_TYPE }}
    steps:
      - uses: actions/checkout@v4
      - name: Prepare Release
        id: prepare
        uses: ./.github/actions/prepare-release

  cloud:
    name: Release Cloud
    if: ${{ inputs.web || github.event_name != 'workflow_dispatch' }}
    needs:
      - prepare
    uses: ./.github/workflows/release-cloud.yml
    secrets: inherit
    with:
      build-type: ${{ needs.prepare.outputs.BUILD_TYPE }}
      app-version: ${{ needs.prepare.outputs.APP_VERSION }}
      git-short-hash: ${{ needs.prepare.outputs.GIT_SHORT_HASH }}

  image:
    name: Release Docker Image
    runs-on: ubuntu-latest
    needs:
      - prepare
      - cloud
    steps:
      - uses: trstringer/manual-approval@v1
        if: ${{ needs.prepare.outputs.BUILD_TYPE == 'stable' }}
        name: Wait for approval
        with:
          secret: ${{ secrets.GITHUB_TOKEN }}
          approvers: forehalo,fengmk2
          fail-on-denial: true
          issue-title: Please confirm to release docker image
          issue-body: |
            Env: ${{ needs.prepare.outputs.BUILD_TYPE }}
            Candidate: ghcr.io/toeverything/affine:${{ needs.prepare.outputs.BUILD_TYPE }}-${{ needs.prepare.outputs.GIT_SHORT_HASH }}
            Tag: ghcr.io/toeverything/affine:${{ needs.prepare.outputs.BUILD_TYPE }}

            > comment with "approve", "approved", "lgtm", "yes" to approve
            > comment with "deny", "deny", "no" to deny

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          logout: false
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Tag Image
        run: |
          docker buildx imagetools create --tag ghcr.io/toeverything/affine:${{needs.prepare.outputs.BUILD_TYPE}} ghcr.io/toeverything/affine:${{needs.prepare.outputs.BUILD_TYPE}}-${{needs.prepare.outputs.GIT_SHORT_HASH}}
          docker buildx imagetools create --tag ghcr.io/toeverything/affine:${{needs.prepare.outputs.APP_VERSION}} ghcr.io/toeverything/affine:${{needs.prepare.outputs.BUILD_TYPE}}-${{needs.prepare.outputs.GIT_SHORT_HASH}}

  desktop:
    name: Release Desktop
    if: ${{ inputs.desktop || github.event_name != 'workflow_dispatch' }}
    needs:
      - prepare
    uses: ./.github/workflows/release-desktop.yml
    secrets: inherit
    with:
      build-type: ${{ needs.prepare.outputs.BUILD_TYPE }}
      app-version: ${{ needs.prepare.outputs.APP_VERSION }}
      git-short-hash: ${{ needs.prepare.outputs.GIT_SHORT_HASH }}

  mobile:
    name: Release Mobile
    if: ${{ inputs.mobile }}
    needs:
      - prepare
    uses: ./.github/workflows/release-mobile.yml
    secrets: inherit
    with:
      build-type: ${{ needs.prepare.outputs.BUILD_TYPE }}
      app-version: ${{ needs.prepare.outputs.APP_VERSION }}
      git-short-hash: ${{ needs.prepare.outputs.GIT_SHORT_HASH }}
      ios-app-version: ${{ inputs.ios-app-version }}