podkop-anabasis/.gitea/workflows/build.yml

name: Build packages

on:
  push:
    tags:
      - '*'

permissions:
  contents: read
  releases: write

jobs:
  build-release:
    name: Build packages and create Gitea release
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v5.0.0
        with:
          fetch-depth: 0

      - name: Setup build version
        id: version
        run: |
          VERSION=$(git describe --tags --exact-match 2>/dev/null || echo "0.$(date +%d%m%Y)")
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"

      - name: Build packages
        shell: bash
        run: |
          set -euo pipefail

          VERSION="${{ steps.version.outputs.version }}"
          mkdir -p ./filtered-bin/release

          for package_type in ipk apk; do
            docker build \
              -f "./Dockerfile-${package_type}" \
              --build-arg "PODKOP_VERSION=${VERSION}" \
              -t "podkop:ci-${package_type}" \
              .

            container="podkop-${package_type}"
            docker create --name "$container" "podkop:ci-${package_type}"
            mkdir -p "./bin/${package_type}"
            docker cp "$container:/builder/bin/packages/x86_64/utilities/." "./bin/${package_type}/"
            docker cp "$container:/builder/bin/packages/x86_64/luci/." "./bin/${package_type}/"
            docker rm "$container"

            if [ "$package_type" = "ipk" ]; then
              for file in "./bin/${package_type}"/*.ipk; do
                [ -e "$file" ] || continue
                base=$(basename "$file")
                newname=$(echo "$base" | sed 's/_/-/g')
                mv "$file" "./bin/${package_type}/${newname}"
              done
            fi

            mkdir -p "./filtered-bin/${package_type}"
            cp "./bin/${package_type}"/luci-i18n-podkop-ru-*."${package_type}" \
              "./filtered-bin/${package_type}/luci-i18n-podkop-ru-${VERSION}.${package_type}"
            cp "./bin/${package_type}"/podkop-*."${package_type}" "./filtered-bin/${package_type}/"
            cp "./bin/${package_type}"/luci-app-podkop-*."${package_type}" "./filtered-bin/${package_type}/"
            cp "./filtered-bin/${package_type}"/*."${package_type}" ./filtered-bin/release/
          done

      - name: Create release and upload assets
        shell: bash
        env:
          GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          TAG_NAME: ${{ github.ref_name }}
          REPOSITORY: ${{ github.repository }}
          SERVER_URL: ${{ github.server_url }}
        run: |
          set -euo pipefail

          TOKEN="${GITEA_TOKEN:-${GITHUB_TOKEN:-}}"
          if [ -z "$TOKEN" ]; then
            echo "GITEA_TOKEN or GITHUB_TOKEN secret is required to create a release" >&2
            exit 1
          fi

          API_URL="${SERVER_URL%/}/api/v1"

          http_code="$(curl -sS \
            -H "Authorization: token $TOKEN" \
            -o /tmp/release.json \
            -w "%{http_code}" \
            "$API_URL/repos/$REPOSITORY/releases/tags/$TAG_NAME")"

          if [ "$http_code" = "200" ]; then
            release_id="$(jq -r '.id' /tmp/release.json)"
          else
            release_json="$(jq -cn \
              --arg tag "$TAG_NAME" \
              --arg name "$TAG_NAME" \
              '{tag_name: $tag, name: $name, draft: false, prerelease: false}')"

            curl -sSf \
              -H "Authorization: token $TOKEN" \
              -H "Content-Type: application/json" \
              -d "$release_json" \
              "$API_URL/repos/$REPOSITORY/releases" \
              > /tmp/release.json

            release_id="$(jq -r '.id' /tmp/release.json)"
          fi

          if [ -z "$release_id" ] || [ "$release_id" = "null" ]; then
            echo "Failed to read Gitea release id" >&2
            cat /tmp/release.json >&2
            exit 1
          fi

          for file in ./filtered-bin/release/*.*; do
            [ -f "$file" ] || continue
            curl -sSf \
              -H "Authorization: token $TOKEN" \
              -F "attachment=@${file}" \
              "$API_URL/repos/$REPOSITORY/releases/$release_id/assets?name=$(basename "$file")" \
              > /dev/null
          done