name: CI

on:
  push:
    branches:
      - master
    paths:
      - '**'
      - '!**.md'
      - '!.github/**'
      - '.github/scripts/**'
      - '.github/workflows/build_push.yml'

concurrency:
  group: ${{ github.workflow }}
  cancel-in-progress: true

env:
  CI_CHUNK_SIZE: 65

jobs:
  prepare:
    name: Prepare job
    runs-on: ubuntu-latest
    outputs:
      individualMatrix: ${{ steps.generate-matrices.outputs.individualMatrix }}
    steps:
      - name: Clone repo
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
        with:
          ref: master
          token: ${{ secrets.ANIYOMIORG_BOT_PAT }}

      - name: Find lib changes
        id: modified-libs
        uses: tj-actions/changed-files@90a06d6ba9543371ab4df8eeca0be07ca6054959 #v42
        with:
          files: lib/
          files_ignore: lib/**.md
          files_separator: " "
          safe_output: false

      - name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.GPG_PASSPHRASE }}
          git_user_signingkey: true
          git_commit_gpgsign: true

        # This step is going to commit, but this will not trigger another workflow.
      - name: Bump extensions that uses a modified lib
        if: steps.modified-libs.outputs.any_changed == 'true'
        run: |
          ./.github/scripts/bump-versions.py ${{ steps.modified-libs.outputs.all_changed_files }}

      - name: Validate Gradle Wrapper
        uses: gradle/wrapper-validation-action@a494d935f4b56874c4a5a87d19af7afcf3a163d0 # v2

      - name: Get number of modules
        run: |
          set -x
          projects=(src/*/*)

          echo "NUM_INDIVIDUAL_MODULES=${#projects[@]}" >> $GITHUB_ENV

      - id: generate-matrices
        name: Create output matrices
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
        with:
          script: |
            const numIndividualModules = process.env.NUM_INDIVIDUAL_MODULES;
            const chunkSize = process.env.CI_CHUNK_SIZE;

            const numIndividualChunks = Math.ceil(numIndividualModules / chunkSize);

            console.log(`Individual modules: ${numIndividualModules} (${numIndividualChunks} chunks of ${chunkSize})`);

            core.setOutput('individualMatrix', { 'chunk': [...Array(numIndividualChunks).keys()] });

  build_individual:
    name: Build individual modules
    needs: prepare
    runs-on: ubuntu-latest
    strategy:
      matrix: ${{ fromJSON(needs.prepare.outputs.individualMatrix) }}
    steps:
      - name: Checkout master branch
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
        with:
          ref: master

      - name: Set up JDK
        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4
        with:
          java-version: 17
          distribution: temurin

      - name: Prepare signing key
        run: |
          echo ${{ secrets.SIGNING_KEY }} | base64 -d > signingkey.jks

      - name: Set up Gradle
        uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3

      - name: Build extensions (chunk ${{ matrix.chunk }})
        env:
          CI_CHUNK_NUM: ${{ matrix.chunk }}
          ALIAS: ${{ secrets.ALIAS }}
          KEY_STORE_PASSWORD: ${{ secrets.KEY_STORE_PASSWORD }}
          KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
        run: ./gradlew -p src assembleRelease

      - name: Upload APKs (chunk ${{ matrix.chunk }})
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4
        if: "github.repository == 'aniyomiorg/aniyomi-extensions'"
        with:
          name: "individual-apks-${{ matrix.chunk }}"
          path: "**/*.apk"
          retention-days: 1

      - name: Clean up CI files
        run: rm signingkey.jks

  publish_repo:
    name: Publish repo
    needs:
      - build_individual
    if: "github.repository == 'aniyomiorg/aniyomi-extensions'"
    runs-on: ubuntu-latest
    steps:
      - name: Download APK artifacts
        uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4
        with:
          path: ~/apk-artifacts

      - name: Set up JDK
        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4
        with:
          java-version: 17
          distribution: temurin

      - name: Checkout master branch
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
        with:
          ref: master
          path: master

      - name: Create repo artifacts
        run: |
          cd master
          python ./.github/scripts/move-apks.py
          INSPECTOR_LINK="$(curl -s "https://api.github.com/repos/aniyomiorg/aniyomi-extensions-inspector/releases/latest" | jq -r '.assets[0].browser_download_url')"
          curl -L "$INSPECTOR_LINK" -o ./Inspector.jar
          java -jar ./Inspector.jar "repo/apk" "output.json" "tmp"
          python ./.github/scripts/create-repo.py

      - name: Checkout repo branch
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
        with:
          repository: aniyomiorg/aniyomi-extensions
          token: ${{ secrets.ANIYOMIORG_BOT_PAT }}
          ref: repo
          path: repo

      - name: Import GPG key
        uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
        with:
          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.GPG_PASSPHRASE }}
          git_user_signingkey: true
          git_commit_gpgsign: true
          workdir: repo

      - name: Deploy repo
        run: |
          cd repo
          ../master/.github/scripts/commit-repo.sh