.github/workflows/ci.yml

# Based on https://github.com/aptly-dev/aptly/blob/master/.travis.yml

name: CI

on:
  pull_request:
  push:
    tags:
      - 'v*'
    branches:
      - 'master'

defaults:
  run:
    # see: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
    shell: bash --noprofile --norc -eo pipefail -x {0}

env:
  DEBIAN_FRONTEND: noninteractive

jobs:
  build:
    name: test
    runs-on: ubuntu-22.04
    continue-on-error: false
    timeout-minutes: 30

    env:
      NO_FTP_ACCESS: yes
      BOTO_CONFIG: /dev/null
      GO111MODULE: "on"
      GOPROXY: "https://proxy.golang.org"
      GOVER: '1.21'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      - name: Setup Go
        uses: actions/setup-go@v3
        with:
          go-version: ${{ env.GOVER }}

      - name: Get aptly version
        run: |
           make version
           go generate

      - name: Setup Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install O/S packages
        run: |
          sudo apt-get update
          sudo apt-get install -y graphviz gnupg2 gpgv2 git gcc make

      - name: Install Python packages
        run: |
          pip install six packaging appdirs virtualenv
          pip install -U pip setuptools
          pip install -r system/requirements.txt

      - name: Install Azurite
        id: azuright
        uses: potatoqualitee/azuright@v1.1
        with:
          directory: ${{ runner.temp }}

      - name: Make
        env:
          RUN_LONG_TESTS: 'yes'
          AZURE_STORAGE_ENDPOINT: "127.0.0.1:10000"
          AZURE_STORAGE_ACCOUNT: "devstoreaccount1"
          AZURE_STORAGE_ACCESS_KEY: "Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw=="
        run: |
          COVERAGE_DIR=${{ runner.temp }} make

      - name: Merge code coverage
        run: |
          go install github.com/wadey/gocovmerge@latest
          ~/go/bin/gocovmerge unit.out ${{ runner.temp }}/*.out > coverage.txt

      - name: Upload code coverage
        uses: codecov/codecov-action@v2
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: coverage.txt

  release-focal:
    name: release-focal
    needs: build
    runs-on: ubuntu-20.04
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # fetch the whole repot for `git describe` to
          # work and get the nightly verion
          fetch-depth: 0

      - name: Setup Go
        uses: actions/setup-go@v4

      - name: Make Release
        env:
          GOBIN: /usr/local/bin
        run: |
          make release

      - name: Publish nightly release to aptly
        # if: github.ref == 'refs/heads/master'
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh nightly focal

      - name: Publish release to aptly
        if: startsWith(github.event.ref, 'refs/tags')
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh release focal

  release-jammy:
    name: release-jammy
    needs: build
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # fetch the whole repot for `git describe` to
          # work and get the nightly verion
          fetch-depth: 0

      - name: Setup Go
        uses: actions/setup-go@v4

      - name: Make Release
        env:
          GOBIN: /usr/local/bin
        run: |
          make release

      - name: Publish nightly release to aptly
        if: github.ref == 'refs/heads/master'
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh nightly jammy

      - name: Publish release to aptly
        if: startsWith(github.event.ref, 'refs/tags')
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh release jammy

  release:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        name: [Ubuntu-20, Ubuntu-22, Debian-11, Debian-12]
        include:
          - name: Ubuntu-20
            image: "ubuntu:20.04"
            suite: focal
            install: "make ca-certificates git curl golang"
          - name: Ubuntu-22
            image: "ubuntu:22.04"
            suite: jammy
            install: "make ca-certificates git curl golang"
          - name: Debian-11
            image: "debian:bullseye"
            suite: bullseye
            install: "make ca-certificates git curl golang"
          - name: Debian-12
            image: "debian:bookworm"
            suite: bookworm
            install: "make ca-certificates git curl golang"
    container:
      image: ${{ matrix.image }}
      env:
        APT_LISTCHANGES_FRONTEND: none
        DEBIAN_FRONTEND: noninteractive
    steps:
      - name: Install O/S packages
        run: |
          apt-get update
          apt-get install -y --no-install-recommends ${{ matrix.install }}
          git config --global --add safe.directory "$GITHUB_WORKSPACE"

      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # fetch the whole repo for `git describe` to
          # work and get the nightly verion
          fetch-depth: 0

      - name: Make Release
        env:
          GOBIN: /usr/local/bin
        run: |
          make release

      - name: Publish nightly release to aptly
        # if: github.ref == 'refs/heads/master'
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh nightly ${{ matrix.suite }}

      - name: Publish release to aptly
        if: startsWith(github.event.ref, 'refs/tags')
        env:
          APTLY_USER: ${{ secrets.APTLY_USER }}
          APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }}
        run: |
          ./upload-artifacts.sh release ${{ matrix.suite }}