release.yml

name: Create release

on:
  push:
    tags:
      - v*

jobs:
  build-linux:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: "18"

      - name: Install dependencies for Windows builds
        run: sudo apt-get install -y p7zip-full nsis

      - name: Install dependencies
        run: yarn

      - name: Set version in package json
        run:
          npm version ${GITHUB_REF#refs/tags/} --no-git-tag-version
          --no-workspaces-update

      - name: Build
        run: yarn compile

      - name: Build all possible packages
        run: yarn package:tarballs

      - name: Upload to S3
        run:
          yarn oclif upload tarballs
          --targets=linux-x64,linux-arm64,darwin-x64,darwin-arm64
        env:
          AWS_REGION: eu-central-1
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Save artifacts
        uses: actions/upload-artifact@v4
        with:
          name: pkg-tarballs
          path: |
            dist/*.tar.gz
            dist/*.tar.xz

  build-windows:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: "18"

      - name: Install dependencies for Windows builds
        run: sudo apt-get install -y p7zip-full nsis

      - name: Install dependencies
        run: yarn

      - name: Set version in package json
        run:
          npm version ${GITHUB_REF#refs/tags/} --no-git-tag-version
          --no-workspaces-update

      - name: Build
        run: yarn compile

      - name: Build all possible packages
        run: yarn package:windows

      - name: Upload to S3
        run: yarn oclif upload win
        env:
          AWS_REGION: eu-central-1
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Save artifacts
        uses: actions/upload-artifact@v4
        with:
          name: pkg-windows
          path: dist/win32/*.exe

  build-macos:
    runs-on: macos-13
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: "18"

      - name: Install dependencies
        run: yarn

      - name: Set version in package json
        run:
          npm version ${GITHUB_REF#refs/tags/} --no-git-tag-version
          --no-workspaces-update

      - name: Build
        run: yarn compile

      - name: Build all possible packages
        run: yarn package:macos

      - name: Upload to S3
        run: yarn oclif upload macos
        env:
          AWS_REGION: eu-central-1
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

      - name: Save artifacts
        uses: actions/upload-artifact@v4
        with:
          name: pkg-macos
          path: dist/macos/*.pkg

  release-npm:
    runs-on: ubuntu-latest
    needs:
      - build-linux
      - build-windows
      - build-macos
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: "18"

      - name: Install dependencies
        run: yarn

      - name: Set version in package json
        run:
          npm version ${GITHUB_REF#refs/tags/} --no-git-tag-version
          --no-workspaces-update

      - name: Build
        run: yarn compile

      - name: Publish
        run: |
          yarn config set npmScopes.mittwald.npmAuthToken "${{ secrets.NPMJS_TOKEN }}"
          yarn config set npmScopes.mittwald.npmPublishRegistry "https://registry.npmjs.org"
          yarn npm publish --access=public

  release-github:
    runs-on: ubuntu-latest
    needs:
      - build-linux
      - build-windows
      - build-macos
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Download artifacts
        uses: actions/download-artifact@v4

      - name: Create release
        run:
          gh release create ${GITHUB_REF#refs/tags/} --title
          ${GITHUB_REF#refs/tags/} --generate-notes --verify-tag
          pkg-tarballs/*.tar.gz pkg-windows/*.exe pkg-macos/*.pkg
        env:
          GITHUB_TOKEN: ${{ github.token }}

  release-s3:
    runs-on: ubuntu-latest
    needs:
      - build-linux
      - build-windows
      - build-macos
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Download artifacts
        uses: actions/download-artifact@v4

      - name: Install dependencies
        run: yarn

      - name: Set version in package json
        run:
          npm version ${GITHUB_REF#refs/tags/} --no-git-tag-version
          --no-workspaces-update

      - name: Upload to S3
        run:
          yarn oclif promote --version=${GITHUB_REF_NAME#v} --sha=$(git
          rev-parse --short ${{ github.sha }}) --win --macos
          --targets=linux-x64,linux-arm64,darwin-x64,darwin-arm64
        env:
          AWS_REGION: eu-central-1
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

  release-docker:
    runs-on: ubuntu-latest
    needs:
      - build-linux
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Download artifacts
        uses: actions/download-artifact@v4

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: mittwald/cli

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}

  release-homebrew:
    runs-on: ubuntu-latest
    needs:
      - build-linux
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Checkout Homebrew repo
        uses: actions/checkout@v4
        with:
          repository: mittwald/homebrew-cli
          path: homebrew
          token: ${{ secrets.MACHINE_USER_TOKEN }}

      - name: Download artifacts
        uses: actions/download-artifact@v4

      - name: Generate Homebrew formula
        run: |
          ls -al pkg-tarballs
          sed \
            -e 's/__VERSION__/'${GITHUB_REF_NAME#v}'/g' \
            -e 's/__VERSIONHASH__/'$(git rev-parse --short ${{ github.sha }})'/g' \
            -e 's/__SHA_X64__/'$(sha256sum pkg-tarballs/mw-*-darwin-x64.tar.xz | cut -d" " -f1)'/' \
            -e 's/__SHA_ARM64__/'$(sha256sum pkg-tarballs/mw-*-darwin-arm64.tar.xz | cut -d" " -f1)'/' < scripts/release/homebrew.rb > homebrew/mw.rb

      - name: Generate .netrc
        run: |
          echo -e "machine github.com\nlogin ${MACHINE_USER_NAME}\npassword ${MACHINE_USER_TOKEN}" > ~/.netrc
        env:
          MACHINE_USER_NAME: ${{ secrets.MACHINE_USER_NAME }}
          MACHINE_USER_TOKEN: ${{ secrets.MACHINE_USER_TOKEN }}

      - name: Commit and push
        run: |
          cd homebrew
          git config --global user.email "opensource@mittwald.de"
          git config --global user.name "mittwald machine"
          git add mw.rb
          git commit -m "Release ${GITHUB_REF_NAME}"
          git push

  cleanup-artifacts:
    runs-on: ubuntu-latest
    needs:
      - release-github
      - release-docker
      - release-homebrew
    steps:
      - uses: geekyeggo/delete-artifact@v4
        with:
          name: |
            pkg-*