name: Release

on:
  push:
    branches:
      - main
    paths:
      - 'src/**'
      - 'packages/**'
      - '.github/workflows/**'

jobs:
  changelog:
    runs-on: ubuntu-latest
    outputs:
      version: ${{ steps.changelog.outputs.version }}
      body: ${{ steps.changelog.outputs.clean_changelog }}
      tag: ${{ steps.changelog.outputs.tag }}
      skipped: ${{ steps.changelog.outputs.skipped }}
    steps:
      - name: Checkout code 👋
        uses: actions/checkout@v2
      - name: Create changelog ✍️
        id: changelog
        uses: TriPSs/conventional-changelog-action@v3
        with:
          github-token: ${{ secrets.github_token }}
          skip-version-file: "true"
          output-file: "false"
          skip-commit: "true"
          skip-on-empty: "true"
  artifacts:
    needs: changelog
    if: ${{ needs.changelog.outputs.skipped == 'false' }}
    runs-on: ubuntu-latest
    env:
      COSIGN_KEY_LOCATION: "/tmp/cosign.key"
    defaults:
      run:
        shell: pwsh
        working-directory: ${{ github.workspace }}/src
    steps:
      - name: Checkout code 👋
        uses: actions/checkout@v2
      - name: Install Go 🗳
        uses: ./.github/workflows/composite/bootstrap-go
      - name: Tag HEAD 😸
        run: git tag ${{ needs.changelog.outputs.tag }}
      - name: Install cosign 🔑
        uses: sigstore/cosign-installer@main
        with:
          cosign-release: 'v1.4.0'
      - name: Private Key 🔐
        run: |
          $PSDefaultParameterValues['Out-File:Encoding']='UTF8'
          $env:COSIGN_KEY > $env:COSIGN_KEY_LOCATION
        env:
          COSIGN_KEY: ${{secrets.COSIGN_KEY}}
      - name: Run GoReleaser 🚀
        uses: goreleaser/goreleaser-action@v2
        with:
          distribution: goreleaser
          version: latest
          args: build --rm-dist
          workdir: src
        env:
          COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
      - name: Zip theme files 🤐
        run: |
          $compress = @{
            Path = "../themes/*.omp.json"
            CompressionLevel = "Fastest"
            DestinationPath = "./dist/themes.zip"
          }
          Compress-Archive @compress
      - name: Add hashes 🤫
        run: |
          Get-ChildItem ./dist -Exclude *.yaml,*.sig | Get-Unique |
          Foreach-Object {
            $zipHash = Get-FileHash $_.FullName -Algorithm SHA256
            $zipHash.Hash | Out-File -Encoding 'UTF8' "./dist/$($_.Name).sha256"
          }
        shell: pwsh
      - name: Release 🎓
        uses: softprops/action-gh-release@v1
        with:
          tag_name: ${{ needs.changelog.outputs.tag }}
          body: ${{ needs.changelog.outputs.body }}
          fail_on_unmatched_files: true
          token: ${{ secrets.GH_PAT }}
          files: |
            src/dist/posh-*
            src/dist/themes.*