name: Release SemVer

on: workflow_dispatch

jobs:
  check_authorization:
    name: Check authorization to release new version
    runs-on: ubuntu-latest
    outputs:
      isAuthorized: ${{ steps.check-auth.outputs.is_authorized }}
    steps:
      - name: check-auth
        id: check-auth
        run: echo "is_authorized=${{ contains(secrets.DEPLOYMENT_AUTHORIZED_USERS, github.triggering_actor) }}" >> $GITHUB_OUTPUT
  release:
    name: Release
    needs: check_authorization
    if: needs.check_authorization.outputs.isAuthorized == 'true'
    runs-on: ubuntu-latest
    outputs:
      didRelease: ${{ steps.semver.outputs.new_release_published }}
      newVersion: ${{ steps.semver.outputs.new_release_version }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          persist-credentials: false
      - name: semantic-release
        uses: cycjimmy/semantic-release-action@v3
        id: semver
        env:
          GITHUB_TOKEN: ${{ secrets.COSMISTACKBOT_ACCESS_TOKEN }}
          GIT_AUTHOR_NAME: cosmistack-bot
          GIT_AUTHOR_EMAIL: dev@cosmistack.com
          GIT_COMMITTER_NAME: cosmistack-bot
          GIT_COMMITTER_EMAIL: dev@cosmistack.com

      - name: Finalize release notes
        # Skip for pre-releases (versions containing a hyphen, e.g. 1.27.0-rc.1)
        if: |
          steps.semver.outputs.new_release_published == 'true' &&
          !contains(steps.semver.outputs.new_release_version, '-')
        id: finalize-notes
        env:
          GITHUB_REPOSITORY: ${{ github.repository }}
        run: |
          git pull origin main
          chmod +x .github/scripts/finalize-release-notes.sh
          EXIT_CODE=0
          .github/scripts/finalize-release-notes.sh \
            "${{ steps.semver.outputs.new_release_version }}" \
            admin/docs/release-notes.md || EXIT_CODE=$?
          if [[ "$EXIT_CODE" -eq 0 ]]; then
            echo "has_notes=true" >> $GITHUB_OUTPUT
          else
            echo "has_notes=false" >> $GITHUB_OUTPUT
          fi

      - name: Commit finalized release notes
        if: |
          steps.semver.outputs.new_release_published == 'true' &&
          steps.finalize-notes.outputs.has_notes == 'true' &&
          !contains(steps.semver.outputs.new_release_version, '-')
        run: |
          git config user.name "cosmistack-bot"
          git config user.email "dev@cosmistack.com"
          git remote set-url origin https://x-access-token:${{ secrets.COSMISTACKBOT_ACCESS_TOKEN }}@github.com/${{ github.repository }}.git
          git add admin/docs/release-notes.md
          git commit -m "docs(release): finalize v${{ steps.semver.outputs.new_release_version }} release notes [skip ci]"
          git push origin main

      - name: Update GitHub release body
        if: |
          steps.semver.outputs.new_release_published == 'true' &&
          steps.finalize-notes.outputs.has_notes == 'true' &&
          !contains(steps.semver.outputs.new_release_version, '-')
        env:
          GH_TOKEN: ${{ secrets.COSMISTACKBOT_ACCESS_TOKEN }}
        run: |
          gh release edit "v${{ steps.semver.outputs.new_release_version }}" \
            --notes-file admin/docs/release-notes.md.section

      # Future: Send release notes email
      # - name: Send release notes email
      #   if: steps.semver.outputs.new_release_published == 'true' && steps.finalize-notes.outputs.has_notes == 'true'
      #   run: |
      #     curl -X POST "https://api.projectnomad.us/api/v1/newsletter/release" \
      #       -H "Authorization: Bearer ${{ secrets.NOMAD_API_KEY }}" \
      #       -H "Content-Type: application/json" \
      #       -d "{\"version\": \"${{ steps.semver.outputs.new_release_version }}\", \"body\": $(cat admin/docs/release-notes.md.section | jq -Rs .)}"