name: "[Deployment] Release"

on:
  push:
    branches:
      - main
      - beta
      - dev
  workflow_dispatch:
    inputs:
      send-notifications:
        type: boolean
        required: false
        default: true
        description: Send notifications

permissions:
  contents: write
  packages: write

env:
  SKIP_ENV_VALIDATION: true
  REGISTRY: ghcr.io
  IMAGE_NAME: ${{ github.repository }}
  TURBO_TELEMETRY_DISABLED: 1

concurrency:
  group: ${{ github.workflow }}-${{ github.ref_name }}

jobs:
  release:
    name: Create tag and release
    runs-on: ubuntu-latest
    env:
      SKIP_RELEASE: ${{ github.event_name == 'workflow_dispatch' || github.ref_name == 'dev' }}
    outputs:
      version: ${{ steps.read-semver.outputs.version || steps.version-fallback.outputs.version }}
      git_ref: ${{ steps.read-git-ref.outputs.ref || github.ref }}

    steps:
      - run: echo "Skipping release for workflow_dispatch event"
        if: env.SKIP_RELEASE == 'true'
        # The below generated version fallback represents a normalized branch name, for example "feature/branch-name" -> "feature-branch-name"
      - run: echo "version="$(echo ${{github.ref_name}} | sed 's/[^a-zA-Z0-9\-]/-/g') >> "$GITHUB_OUTPUT"
        id: version-fallback
        if: env.SKIP_RELEASE == 'true' && github.ref_name != 'main' && github.ref_name != 'beta'

      - name: Obtain token
        if: env.SKIP_RELEASE == 'false'
        id: obtainToken
        uses: tibdex/github-app-token@v2
        with:
          private_key: ${{ secrets.RENOVATE_MERGE_PRIVATE_KEY }}
          app_id: ${{ secrets.RENOVATE_MERGE_APP_ID }}
      - uses: actions/checkout@v4
        if: env.SKIP_RELEASE == 'false'
        with:
          persist-credentials: false
      - uses: actions/setup-node@v4
        if: env.SKIP_RELEASE == 'false'
        with:
          node-version: 22
      - run: npm i -g pnpm
        if: env.SKIP_RELEASE == 'false'
      - name: Install dependencies
        if: env.SKIP_RELEASE == 'false'
        run: |
          pnpm install
      - name: Run Semantic Release
        if: env.SKIP_RELEASE == 'false'
        env:
          GITHUB_TOKEN: ${{ steps.obtainToken.outputs.token }}
          GIT_AUTHOR_NAME: "Releases Homarr"
          GIT_AUTHOR_EMAIL: "175486441+homarr-releases[bot]@users.noreply.github.com"
          GIT_COMMITTER_NAME: "Releases Homarr"
          GIT_COMMITTER_EMAIL: "175486441+homarr-releases[bot]@users.noreply.github.com"
        run: |
          pnpm release
      - name: Read semver output
        # We read the last tag either from the created release or from the current branch, this is to rerun the deployment job for the currently released version when it failed
        if: env.SKIP_RELEASE == 'false' || github.ref_name == 'main' || github.ref_name == 'beta'
        id: read-semver
        run: |
          git fetch --tags
          echo "version=$(git describe --tags --abbrev=0)" >> "$GITHUB_OUTPUT"
      - name: Read git ref
        if: env.SKIP_RELEASE == 'false'
        id: read-git-ref
        run: |
          echo "ref=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
      - name: Update dev branch
        if: env.SKIP_RELEASE == 'false'
        continue-on-error: true # Prevent pipeline from failing when merge fails
        env:
          GITHUB_TOKEN: ${{ steps.obtainToken.outputs.token }}
        run: |
          git fetch origin dev
          git checkout dev
          git pull origin dev
          git merge ${{ github.ref_name }}
          git push origin dev
  deploy:
    name: Deploy docker image
    needs: release
    runs-on: ubuntu-latest
    env:
      NEXT_VERSION: ${{ needs.release.outputs.version }}
      DEPLOY_LATEST: ${{ github.ref_name == 'main' }}
      DEPLOY_BETA: ${{ github.ref_name == 'beta' }}
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ needs.release.outputs.git_ref }}
      - name: Discord notification
        if: ${{ github.events.inputs.send-notifications != false }}
        env:
          DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
        uses: Ilshidur/action-discord@master
        with:
          args: "Deployment of an image for version '${{env.NEXT_VERSION}}' has been triggered: [run ${{ github.run_number }}](<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}>)"
      - name: Log in to the Container registry
        uses: docker/login-action@v3
        with:
          registry: ${{ env.REGISTRY }}
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: "${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
          tags: |
            ${{ env.DEPLOY_LATEST == 'true' && 'type=raw,value=latest' || null }}
            ${{ env.DEPLOY_BETA == 'true' && 'type=raw,value=beta' || null }}
            type=raw,value=${{ env.NEXT_VERSION }}
      - name: Build and push
        id: buildPushAction
        uses: docker/build-push-action@v6
        with:
          platforms: linux/amd64,linux/arm64
          context: .
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          network: host
        env:
          SKIP_ENV_VALIDATION: true
      - name: Discord notification
        env:
          DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }}
        uses: Ilshidur/action-discord@master
        with:
          args: "Deployment of image has completed for branch ${{ github.ref_name }}. Image ID is '${{ steps.buildPushAction.outputs.imageid }}'."