name: CI build

# Run this workflow every time a new commit pushed to your repository
on:
  push:
    branches: [ '**' ]
    tags-ignore: [ '**' ]
  pull_request:
    types: [ opened, synchronize, reopened ]

jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Check out code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up GPG
        if: env.GPG_SECRET_KEYS != null && env.GPG_OWNERTRUST != null
        run: |
          cat <(echo -e "${{ env.GPG_SECRET_KEYS }}") | base64 --decode | gpg --batch --import
          cat <(echo -e "${{ env.GPG_OWNERTRUST }}") | base64 --decode | gpg --batch --import-ownertrust
        env:
          GPG_SECRET_KEYS: ${{ secrets.GPG_SECRET_KEYS }}
          GPG_OWNERTRUST: ${{ secrets.GPG_OWNERTRUST }}
      - name: Set up Java
        uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: 17
          cache: maven
      - name: Perform build
        run: .github/scripts/build.sh
        shell: bash
        env:
          MAVEN_CLI_OPTS: --settings .github/mvn-settings.xml
          GPG_EXECUTABLE: /usr/bin/gpg
          GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
          SONATYPE_USER: ${{ secrets.SONATYPE_USER }}
          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
      - name: Publish test coverage
        if: env.COVERALLS_REPO_TOKEN != null
        run: ./mvnw --batch-mode -DrepoToken=${{ env.COVERALLS_REPO_TOKEN }} jacoco:report coveralls:report
        env:
          COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}

  release:
    name: "Release"
    runs-on: ubuntu-latest
    needs: build
    env:
      GH_TOKEN: ${{ secrets.GH_TOKEN }}
    steps:
      - name: Check out code
        if: env.GH_TOKEN != null
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          token: ${{ env.GH_TOKEN }}
      - name: Set up CI git user
        if: env.GH_TOKEN != null
        run: |
          git config user.name "Talsma CI"
          git config user.email "ci-user@talsma-ict.nl"
      - name: Set up JDK
        if: env.GH_TOKEN != null
        uses: actions/setup-java@v4
        with:
          distribution: 'zulu'
          java-version: 17
          cache: 'maven'
      - name: Perform optional release
        if: env.GH_TOKEN != null
        run: .github/scripts/release.sh
        shell: bash
        env:
          MAVEN_CLI_OPTS: --settings .github/mvn-settings.xml