### This workflow setup instance then build and push images ###
name: 4testing multiarch-build
run-name: >-
  Build #${{ inputs.build }} [
  ${{ inputs.amd64 && 'AMD64' || '-' }}
  ${{ inputs.arm64 && 'ARM64' || '-' }}
  ] [
  ${{ inputs.community && 'CE' || '-' }}
  ${{ inputs.developer && 'DE' || '-' }}
  ${{ inputs.enterprise && 'EE' || '-' }}
  ]

on:
  workflow_dispatch:
    inputs:
      build:
        description: 'Build number (ex. 45)'
        type: string
        required: true
      amd64:
        type: boolean
        description: 'Build AMD64'
        default: true
      arm64:
        type: boolean
        description: 'Build ARM64'
        default: true
      community:
        type: boolean
        description: 'Build Community Edition'
        default: true
      enterprise:
        type: boolean
        description: 'Build Enterprise Edition'
        default: true
      developer:
        type: boolean
        description: 'Build Developer Edition'
        default: true

env: 
  COMPANY_NAME: "onlyoffice"
  PRODUCT_NAME: "documentserver"
      
jobs:
  prepare:
    runs-on: ubuntu-latest
    steps:
      - id: matrix
        run: |
          set -ex

          BRANCH_NAME=${GITHUB_REF#refs/heads/}
          if ! [[ $BRANCH_NAME == develop || $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
            echo "Wrong branch."
            exit 1
          fi

          [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
          [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
          if [ -z ${PLATFORMS} ]; then
            echo "None of the platforms are selected."
            exit 1
          fi

          [ ${{ github.event.inputs.community }} = true ] && EDITIONS+=("community")
          [ ${{ github.event.inputs.enterprise }} = true ] && EDITIONS+=("enterprise")
          [ ${{ github.event.inputs.developer }} = true ] && EDITIONS+=("developer")
          if [ -z ${EDITIONS} ]; then
            echo "None of the editions are selected."
            exit 1
          fi
          echo "editions=$(jq -n -c --arg s "${EDITIONS[*]}" '($s|split(" "))')" >> $GITHUB_OUTPUT
    outputs:
      editions: ${{ steps.matrix.outputs.editions }}

  build:
    name: "Build ${{ matrix.image }}-${{ matrix.edition }}"
    runs-on: ubuntu-latest
    needs: prepare
    strategy:
      fail-fast: false
      matrix:
        image: ["documentserver"]
        edition: ${{ fromJSON(needs.prepare.outputs.editions) }}
    steps:
      - name: Checkout code 
        uses: actions/checkout@v3

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2

      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v2
     
      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKER_HUB_USERNAME }}
          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}

      - name: Build 4testing
        id: build-ds
        run: |
          set -eux

          ### ==>> At this step build variable declaration ###

          case ${{ matrix.edition }} in
            community)
              PRODUCT_EDITION=""
              ;;
            enterprise)
              PRODUCT_EDITION="-ee"
              ;;
            developer)
              PRODUCT_EDITION="-de"
              ;;
          esac

          [ ${{ github.event.inputs.amd64 }} = true ] && PLATFORMS+=("amd64")
          [ ${{ github.event.inputs.arm64 }} = true ] && PLATFORMS+=("arm64")
          PLATFORM=$(echo ${PLATFORMS[*]/#/linux/} | tr ' ' ',')

          BRANCH_NAME=${GITHUB_REF#refs/heads/}
          if [ $BRANCH_NAME = develop ]; then
            BUILD_CHANNEL=nightly
            PRODUCT_VERSION=99.99.99
          elif [[ $BRANCH_NAME =~ hotfix || $BRANCH_NAME =~ release ]]; then
            BUILD_CHANNEL=test
            PRODUCT_VERSION=${BRANCH_NAME#*/v}
          fi
          BUILD_NUMBER=${{ github.event.inputs.build }}

          export PRODUCT_EDITION
          export PACKAGE_VERSION=${PRODUCT_VERSION}-${BUILD_NUMBER}
          export PACKAGE_BASEURL=${{ secrets.REPO_BASEURL }}
          export BUILD_CHANNEL
          export PLATFORM
          export DOCKERFILE=Dockerfile
          export PREFIX_NAME=4testing-
          export TAG=${PRODUCT_VERSION}.${BUILD_NUMBER}

          ### ==>> Build and push images at this step ###

          docker buildx bake -f docker-bake.hcl ${{ matrix.image }} --push
          echo "DONE: Build success"

          ### Set output for Zap scanner
          ### NOTE: Output will be used only in release/hotfix branches
          
          echo "version=${TAG}" >> "$GITHUB_OUTPUT"
          echo "branch=${BRANCH_NAME}" >> "$GITHUB_OUTPUT"
        shell: bash

      # Run scanner only when edition is community 
      # and branch hit release/ or hotfix/
      - name: Trigger zap manualy
        if: >-
             matrix.edition == 'community' &&
             (startsWith(steps.build-ds.outputs.branch, 'release/') ||
              startsWith(steps.build-ds.outputs.branch, 'hotfix/'))
        env:
          VERSION: ${{ steps.build-ds.outputs.version }}
          BRANCH: ${{ steps.build-ds.outputs.branch }}
          GITHUB_TOKEN: ${{ secrets.TOKEN }}
        run: |
            gh workflow run zap-ds.yaml \
                 --repo ${{ github.repository }} \
                 -f branch=${BRANCH} \
                 -f version=${VERSION}
        shell: bash