.github/workflows/build.yml

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven

name: Build
env:
  JAVA_VERSION: 17
defaults:
  run:
    shell: bash
on:
  push:
    branches: [ "main" ]
    tags:
      - '*'
  pull_request:
    types: [opened, synchronize, reopened]
  workflow_dispatch: {}
jobs:
  compile_and_test:
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
    name: Compile and Test
    runs-on: ubuntu-latest
    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
    steps:
      - name: Check out
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: ${{ env.JAVA_VERSION }}
          cache: maven
          distribution: 'temurin'

      - name: Cache SonarCloud packages
        uses: actions/cache@v3
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Maven Build, Sonarcloud analysis
        run: mvn -Dsonar.host.url="https://sonarcloud.io" -Dsonar.organization=tools1000 -Dsonar.projectKey=Tools1000_drkodi -B -Pall verify jacoco:report sonar:sonar

  build_macos_x86_64:
    needs: [compile_and_test]
    name: Build MacOS x86_64 App
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      MAC_DEVELOPER_ID: ${{ secrets.MAC_DEVELOPER_ID }}
      MAC_DEVELOPER_CERTIFICATE: ${{ secrets.MAC_DEVELOPER_CERTIFICATE }}
      MAC_DEVELOPER_CERTIFICATE_PASSWORD: ${{ secrets.MAC_DEVELOPER_CERTIFICATE_PASSWORD }}
      KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
      MAC_API_ISSUER_ID: ${{ secrets.MAC_API_ISSUER_ID }}
      MAC_API_KEY_ID: ${{ secrets.MAC_API_KEY_ID }}
      MAC_API_KEY: ${{ secrets.MAC_API_KEY }}

    runs-on: macos-latest
    steps:
      - name: Check out
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: ${{ env.JAVA_VERSION }}
          cache: 'maven'
          distribution: 'temurin'

      - name: Install the Apple certificate and provisioning profile
        run: |
          # create variables
          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
          mkdir ~/private_keys
          MAC_API_KEY_PATH=~/private_keys/AuthKey_$MAC_API_KEY_ID.p8
          PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
          
          echo "API key path: $MAC_API_KEY_PATH"
          
          # import certificate and provisioning profile from secrets
          echo -n "$MAC_DEVELOPER_CERTIFICATE" | base64 --decode --output $CERTIFICATE_PATH
          echo -n "$MAC_API_KEY" | base64 --decode --output $MAC_API_KEY_PATH
          
          # create temporary keychain
          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
          
          # import certificate to keychain
          security import $CERTIFICATE_PATH -P "$MAC_DEVELOPER_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
          security list-keychain -d user -s $KEYCHAIN_PATH
          
          # set up notary
          xcrun notarytool store-credentials notary-profile --key-id "$MAC_API_KEY_ID" --issuer "$MAC_API_ISSUER_ID" --key "$MAC_API_KEY_PATH"

#      - name: Print environment
#        uses: hmarr/debug-action@v2

      - name: Build
        run: mvn -B -DskipTests -Dmaven.javadoc.skip=true -Pmacosx-x86_64,all -Djavafx.platform=mac package

      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          if-no-files-found: error
          path: |
            target/drkodi*.dmg

  build_linux_x86_64:
    needs: [compile_and_test]
    name: Build Linux x86_64 App
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    runs-on: ubuntu-latest
    steps:
      - name: Check out
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: ${{ env.JAVA_VERSION }}
          cache: 'maven'
          distribution: 'temurin'

      - name: Build
        run: mvn -B -DskipTests -Dmaven.javadoc.skip=true -Plinux-x86_64,all -Djavafx.platform=linux package

      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          if-no-files-found: error
          path: |
            target/appdir/drkodi*.deb
            target/appdir/DrKodi*.zip

  build_windows_x86_64:
    needs: [compile_and_test]
    name: Build Windows x86_64 App
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    runs-on: windows-latest
    steps:
      - name: Check out
        uses: actions/checkout@v3
        with:
          fetch-depth: 0

      - name: Set up Java
        uses: actions/setup-java@v3
        with:
          java-version: ${{ env.JAVA_VERSION }}
          cache: 'maven'
          distribution: 'temurin'

      - name: Build
        run: mvn -B -DskipTests -Dmaven.javadoc.skip=true -Pwindows-x86_64,all -Djavafx.platform=win package

      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          if-no-files-found: error
          path: |
            target/appdir/Dr.Kodi-*.msi

  draft_release:
    env:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    name: Draft a Release
    runs-on: ubuntu-latest
    if: startsWith(github.event.ref, 'refs/tags/drkodi-version-')
    needs: [build_linux_x86_64, build_macos_x86_64, build_windows_x86_64]
    steps:
      - name: Download artifacts
        uses: actions/download-artifact@v3
        with:
          name: artifact
      - name: Draft Release
        uses: softprops/action-gh-release@v1
        with:
          draft: true
          files: |
            DrKodi*.zip
            drkodi*.dmg
            Dr.Kodi*.msi
            drkodi*.deb
          fail_on_unmatched_files: true