# This workflow builds and releases ORLY binaries for Gitea
#
# NOTE: All builds use CGO_ENABLED=0. The secp256k1 crypto is provided by
#       p256k1.mleku.dev which is pure Go with optional BMI2 assembly acceleration.
#
# Release Process:
# 1. Update the version in the pkg/version/version file (e.g. v1.2.3)
# 2. Create and push a tag matching the version:
#    git tag v1.2.3
#    git push origin v1.2.3
# 3. The workflow will automatically:
#    - Build all binaries for Linux AMD64 and ARM64
#    - Build the launcher admin web UI
#    - Run tests
#    - Create a Gitea release with all binaries
#    - Generate checksums

name: Go

on:
  push:
    tags:
      - "v[0-9]+.[0-9]+.[0-9]+"

jobs:
  build-and-release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        run: |
          set -e
          echo "Cloning repository..."
          echo "GITHUB_REF_NAME=${GITHUB_REF_NAME}"
          git clone --depth 1 --branch ${GITHUB_REF_NAME} ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git ${GITHUB_WORKSPACE}
          cd ${GITHUB_WORKSPACE}
          echo "Cloned successfully. Last commit:"
          git log -1

      - name: Install dependencies
        run: |
          set -e
          echo "Installing jq..."
          sudo apt-get update && sudo apt-get install -y jq

      - name: Set up Go
        run: |
          set -e
          echo "Setting up Go 1.25.3..."
          cd /tmp
          wget -q https://go.dev/dl/go1.25.3.linux-amd64.tar.gz
          sudo rm -rf /usr/local/go
          sudo tar -C /usr/local -xzf go1.25.3.linux-amd64.tar.gz
          export PATH=/usr/local/go/bin:$PATH
          go version

      - name: Set up Bun
        run: |
          set -e
          echo "Installing Bun..."
          curl -fsSL https://bun.sh/install | bash
          export BUN_INSTALL="$HOME/.bun"
          export PATH="$BUN_INSTALL/bin:$PATH"
          bun --version

      - name: Build Main Web UI
        run: |
          set -e
          export BUN_INSTALL="$HOME/.bun"
          export PATH="$BUN_INSTALL/bin:$PATH"
          cd ${GITHUB_WORKSPACE}/app/web
          echo "Installing frontend dependencies..."
          bun install
          echo "Building web app..."
          bun run build
          ls -lah dist/
          echo "Main web UI build complete"

      - name: Build Smesh UI
        run: |
          set -e
          export BUN_INSTALL="$HOME/.bun"
          export PATH="$BUN_INSTALL/bin:$PATH"
          cd ${GITHUB_WORKSPACE}/app/smesh
          echo "Installing smesh dependencies..."
          bun install
          echo "Building smesh app..."
          bun run build
          ls -lah dist/
          echo "Smesh UI build complete"

      - name: Build Launcher Admin Web UI
        run: |
          set -e
          export BUN_INSTALL="$HOME/.bun"
          export PATH="$BUN_INSTALL/bin:$PATH"
          cd ${GITHUB_WORKSPACE}/cmd/orly-launcher/web
          echo "Installing launcher admin dependencies..."
          bun install
          echo "Building launcher admin UI..."
          bun run build
          ls -lah dist/
          echo "Launcher admin UI build complete"

      - name: Build All Packages
        run: |
          set -e
          export PATH=/usr/local/go/bin:$PATH
          cd ${GITHUB_WORKSPACE}
          echo "Building all packages..."
          CGO_ENABLED=0 go build -v ./...

      - name: Test
        run: |
          set -e
          export PATH=/usr/local/go/bin:$PATH
          cd ${GITHUB_WORKSPACE}
          echo "Running tests..."
          CGO_ENABLED=0 go test -v $(go list ./... | grep -v '/cmd/benchmark/external/' | xargs -n1 sh -c 'ls $0/*_test.go 1>/dev/null 2>&1 && echo $0' | grep .) || echo "Some tests failed, continuing..."

      - name: Build Release Binaries
        run: |
          set -e
          export PATH=/usr/local/go/bin:$PATH
          cd ${GITHUB_WORKSPACE}

          VERSION=${GITHUB_REF_NAME#v}
          echo "Building release binaries for version $VERSION"

          mkdir -p release-binaries

          # List of binaries to build
          BINARIES=(
            "orly:."
            "orly-db-badger:./cmd/orly-db-badger"
            "orly-db-neo4j:./cmd/orly-db-neo4j"
            "orly-acl-follows:./cmd/orly-acl-follows"
            "orly-acl-managed:./cmd/orly-acl-managed"
            "orly-acl-curation:./cmd/orly-acl-curation"
            "orly-launcher:./cmd/orly-launcher"
            "orly-sync-negentropy:./cmd/orly-sync-negentropy"
            "orly-certs:./cmd/orly-certs"
          )

          # Build for AMD64
          echo "Building for Linux AMD64..."
          for entry in "${BINARIES[@]}"; do
            name="${entry%%:*}"
            path="${entry##*:}"
            echo "  Building ${name}..."
            GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=amd64 CGO_ENABLED=0 \
              go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-amd64" "${path}"
          done

          # Build for ARM64
          echo "Building for Linux ARM64..."
          for entry in "${BINARIES[@]}"; do
            name="${entry%%:*}"
            path="${entry##*:}"
            echo "  Building ${name}..."
            GOEXPERIMENT=greenteagc,jsonv2 GOOS=linux GOARCH=arm64 CGO_ENABLED=0 \
              go build -ldflags "-s -w" -o "release-binaries/${name}-${VERSION}-linux-arm64" "${path}"
          done

          # Create checksums
          cd release-binaries
          sha256sum * > SHA256SUMS.txt
          cat SHA256SUMS.txt
          cd ..

          echo "Release binaries built successfully:"
          ls -lh release-binaries/

      - name: Create Gitea Release
        env:
          GITEA_TOKEN: ${{ secrets.GITEATOKEN }}
        run: |
          set -e
          cd ${GITHUB_WORKSPACE}

          if [ -z "${GITEA_TOKEN}" ]; then
            echo "ERROR: GITEA_TOKEN secret is not set!"
            exit 1
          fi

          VERSION=${GITHUB_REF_NAME}
          VERSION_NUM=${GITHUB_REF_NAME#v}
          REPO_OWNER=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f1)
          REPO_NAME=$(echo ${GITHUB_REPOSITORY} | cut -d'/' -f2)

          echo "Creating release for ${REPO_OWNER}/${REPO_NAME} version ${VERSION}"

          API_URL="${GITHUB_SERVER_URL}/api/v1"

          # Check if release already exists and delete it
          echo "Checking for existing release..."
          EXISTING_RELEASE=$(curl -s -H "Authorization: token ${GITEA_TOKEN}" \
            "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}")

          EXISTING_ID=$(echo "${EXISTING_RELEASE}" | jq -r '.id // empty' 2>/dev/null)
          if [ -n "${EXISTING_ID}" ]; then
            echo "Deleting existing release ${EXISTING_ID}..."
            curl -s -X DELETE \
              -H "Authorization: token ${GITEA_TOKEN}" \
              "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${EXISTING_ID}"
            sleep 2
          fi

          # Ensure tag exists by fetching it
          git fetch origin "refs/tags/${VERSION}:refs/tags/${VERSION}" --force 2>/dev/null || true

          # Create the release body
          RELEASE_BODY=$(cat <<RELEASEBODY
          ## ORLY Release ${VERSION}

          ### Binaries Included
          * orly - Main relay binary
          * orly-db-badger - Badger database server
          * orly-db-neo4j - Neo4j database server
          * orly-acl-follows - Follows ACL server
          * orly-acl-managed - Managed ACL server
          * orly-acl-curation - Curation ACL server
          * orly-launcher - Process supervisor with admin UI
          * orly-sync-negentropy - Negentropy sync service
          * orly-certs - DNS-01 wildcard certificate manager

          ### Architectures
          * Linux AMD64 (x86_64)
          * Linux ARM64 (aarch64)

          ### Installation
          1. Download the appropriate binaries for your architecture
          2. Make them executable: chmod +x orly-*
          3. Run with: ./orly-launcher (for split mode) or ./orly (standalone)
          RELEASEBODY
          )

          # Create release JSON payload
          RELEASE_JSON=$(jq -n \
            --arg tag "${VERSION}" \
            --arg name "Release ${VERSION}" \
            --arg body "${RELEASE_BODY}" \
            '{tag_name: $tag, name: $name, body: $body}')

          echo "Creating release..."
          RELEASE_RESPONSE=$(curl -s -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/json" \
            -d "${RELEASE_JSON}" \
            "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases")

          echo "Release response: ${RELEASE_RESPONSE}"

          RELEASE_ID=$(echo "${RELEASE_RESPONSE}" | jq -r '.id // empty')

          if [ -z "${RELEASE_ID}" ]; then
            echo "ERROR: Failed to create release"
            echo "Response: ${RELEASE_RESPONSE}"
            exit 1
          fi

          echo "Release created with ID: ${RELEASE_ID}"

          # Upload all assets
          for ASSET in release-binaries/*; do
            FILENAME=$(basename "${ASSET}")
            echo "Uploading ${FILENAME}..."

            curl -s -X POST \
              -H "Authorization: token ${GITEA_TOKEN}" \
              -F "attachment=@${ASSET}" \
              "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/${RELEASE_ID}/assets?name=${FILENAME}"
          done

          echo "Release ${VERSION} created successfully!"

          # Verify
          curl -s -H "Authorization: token ${GITEA_TOKEN}" \
            "${API_URL}/repos/${REPO_OWNER}/${REPO_NAME}/releases/tags/${VERSION}" | jq '.'