.github/workflows/release.yml

name: release
on:
  push:
    tags:
      - v*

env:
  PROVIDER: "threefold"
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  # IF YOU NEED TO PUBLISH A NPM PACKAGE THEN ENSURE A NPM_TOKEN SECRET IS SET
  # AND PUBLISH_NPM: TRUE. IF YOU WANT TO PUBLISH TO A PRIVATE NPM REGISTRY
  # THEN ENSURE THE NPM_REGISTRY_URL IS CHANGED
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  PUBLISH_NPM: true
  # NPM_REGISTRY_URL: https://registry.npmjs.org

  # IF YOU NEED TO PUBLISH A PYPI PACKAGE THEN ENSURE AN PYPI_API_TOKEN
  # SECRET IS SET AND PUBLISH_PYPI: TRUE. IF YOU WANT TO PUBLISH TO AN ALTERNATIVE
  # PYPI REGISTRY THEN ENSURE THE PYPI_REPOSITORY_URL IS SET. IF YOU ARE USING AN API_TOKEN THEN
  # YOU DO NOT NEED TO CHANGE THE PYPI_USERNAME (__token__) , IF YOU ARE USING PASSWORD AUTHENTICATION THEN YOU WILL
  # NEED TO CHANGE TO USE THE CORRECT PASSWORD
  PYPI_PASSWORD: ${{ secrets.PYPI_TOKEN }}
  PYPI_USERNAME: "__token__"
  PUBLISH_PYPI: true

jobs:
  publish_binary:
    name: publish
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Unshallow clone for tags
        run: git fetch --prune --unshallow

      - name: Install Go
        uses: actions/setup-go@v5
        with:
          go-version: 1.22

      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.12.0
        with:
          repo: pulumi/pulumictl

      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v6.0.0
        with:
          version: latest
          args: release --clean

    strategy:
      fail-fast: true

  publish_sdk:
    name: Publish SDKs
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Unshallow clone for tags
        run: git fetch --prune --unshallow

      - name: Install Go
        uses: actions/setup-go@v5
        with:
          go-version: 1.22

      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.12.0
        with:
          repo: pulumi/pulumictl

      - name: Install Pulumi CLI
        uses: pulumi/action-install-pulumi-cli@v2.0.0

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: ${{matrix.nodeversion}}
          registry-url: ${{env.NPM_REGISTRY_URL}}

      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{matrix.pythonversion}}

      - name: Generate SDK
        run: make ${{ matrix.language }}_sdk
      - name: Check worktree clean
        run: |
          git update-index -q --refresh
          if ! git diff-files --quiet; then
              >&2 echo "error: working tree is not clean, aborting!"
              git status
              git diff
              exit 1
          fi

      - name: Compress SDK folder
        run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .

      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: ${{ matrix.language  }}-sdk.tar.gz
          path: ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz

      - if: ${{ matrix.language == 'python' && env.PUBLISH_PYPI == 'true' }}
        name: Publish package to PyPI
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          user: ${{ env.PYPI_USERNAME }}
          password: ${{ env.PYPI_PASSWORD }}
          packages-dir: ${{github.workspace}}/sdk/python/bin/dist

      - if: ${{ matrix.language == 'nodejs' && env.PUBLISH_NPM == 'true' }}
        uses: JS-DevTools/npm-publish@v3
        with:
          access: "public"
          token: ${{ env.NPM_TOKEN }}
          package: ${{github.workspace}}/sdk/nodejs/bin/package.json

    strategy:
      fail-fast: false
      matrix:
        language:
          - nodejs
          - python
          - go
        goversion:
          - 1.22.x
        nodeversion:
          - 21.x
        pythonversion:
          - "3.11.5"