name: Publish
on:
  push:
    tags:
      - 'v[0-9]+.[0-9]+.[0-9]+'
      - 'v[0-9]+.[0-9]+.[0-9]+-alpha[0-9]+'
      - 'v[0-9]+.[0-9]+.[0-9]+-beta[0-9]+'
jobs:
  build:
    runs-on: ubuntu-latest
    container: golang:1.24-bookworm
    env:
      GITEA_USER: ${{ secrets.GITEAUSER }}
      GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
      GITEA_REGISTRY: gitea.engen.priv.no
      GITEA_ORG: klauvsteinen
    steps:
      - name: Install dependencies
        run: apt update && apt -y install nodejs bash docker.io
      - name: Setup SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan gitea-ssh.engen.priv.no >> ~/.ssh/known_hosts
      - name: Check out repository code
        uses: actions/checkout@v4
      - name: ssh repo
        run: git config --global url.git@gitea-ssh.engen.priv.no:.insteadOf https://gitea.engen.priv.no/
      - name: Install ko
        run: go install github.com/google/ko@latest
      - name: Extract tag (outside container)
        shell: bash
        run: |
          echo "TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
          env
      - name: Docker login
        run: echo "${GITEA_TOKEN}" | docker login "${GITEA_REGISTRY}" --username "${GITEA_USER}" --password-stdin
      - name: Build
        run: |
          export KO_DOCKER_REPO="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller"
          ko publish ./cmd \
          --tags "$TAG,latest" \
          --image-label 'org.opencontainers.image.authors=Klauvsteinen <vegard@engen.priv.no>' \
          --image-label 'org.opencontainers.image.vendor=Klauvsteinen' \
          --image-label 'org.opencontainers.image.source=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
          --image-label 'org.opencontainers.image.url=https://gitea.engen.priv.no/klauvsteinen/unifi-network-operator' \
          --image-label 'dev.chainguard.package.main=' \
          --bare
      - name: Build manifest
        run: |
          make IMG="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller:latest" build-installer
          curl -X PUT \
          -H "Authorization: token $GITEA_TOKEN" \
          -H "Content-Type: application/x-yaml" \
          --data-binary @./dist/install.yaml \
          https://gitea.engen.priv.no/api/packages/klauvsteinen/generic/unifi-network-operator/latest/install.yaml
          make IMG="${GITEA_REGISTRY}/${GITEA_ORG}/unifi-network-operator-controller:$TAG" build-installer
          curl -X PUT \
          -H "Authorization: token $GITEA_TOKEN" \
          -H "Content-Type: application/x-yaml" \
          --data-binary @./dist/install.yaml \
          https://gitea.engen.priv.no/api/packages/klauvsteinen/generic/unifi-network-operator/$TAG/install.yaml