name: Deploy to Preview Server
on: 
  push:
    branches: [ preview ]
  workflow_dispatch:

permissions: write-all

jobs:
  secretscan:
    if: ${{ !github.event.act }} # skip during local actions testing
    name: Scan for Secrets
    runs-on: self-hosted
    steps:
    - name: Clone Repository
      uses: actions/checkout@v4
      with:
        ref: preview

    - name: Secret Scan
      uses: max/secret-scan@master
      with:
        exclude_path: 'SecretsIgnore.txt'

  spellcheck:
    if: ${{ !github.event.act }} # skip during local actions testing
    name: Spell Check with Typos
    runs-on: self-hosted
    steps:
    - name: Clone Repository
      uses: actions/checkout@v4
      with:
        ref: preview

    - name: Check spelling
      uses: crate-ci/typos@master

  preview_deploy:
    name: Build Project and Upload to Server
    runs-on: self-hosted
    steps:
      - name: Cleanup
        run: rm -rf ProjectMakotoPreview/

      - name: Install SSH Key
        if: ${{ !github.event.act }} # skip during local actions testing
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_TOKEN }}
          known_hosts: ${{ secrets.SSH_KNOWN_HOST }}

      - name: Setup .NET Core SDK 8.x
        uses: actions/setup-dotnet@v4
        with:
          dotnet-version: | 
            9.x

      - name: "Clone Repository"
        uses: actions/checkout@v4
        with:
          ref: preview
          submodules: recursive
          path: ProjectMakotoPreview
          token: ${{ secrets.Access_token }}

      - name: Install Dependencies
        run: dotnet restore
        working-directory: ProjectMakotoPreview/ProjectMakoto/
        
      - name: Mark .sh files as executable
        run: find . -type f -name "*.sh" -exec chmod +x {} +
        working-directory: ProjectMakotoPreview/OfficialPlugins/
        
      - name: Prepare Makoto Plugin Build
        run: sh update_deps.sh
        working-directory: ProjectMakotoPreview/OfficialPlugins/
        
      - name: Build Makoto
        run: dotnet publish --configuration RELEASE --runtime linux-x64 --no-self-contained --output "build" --property:PublishDir="build" --framework net9.0
        working-directory: ProjectMakotoPreview/ProjectMakoto/
        timeout-minutes: 5

      - name: Create Version File
        run: git rev-parse --short HEAD > "ProjectMakoto/build/LatestGitPush.cfg" && git branch --show-current >> ProjectMakoto/build/LatestGitPush.cfg && echo $(date +%d.%m.%y) >> ProjectMakoto/build/LatestGitPush.cfg && echo $(date +%H:%M:%S,00) >> ProjectMakoto/build/LatestGitPush.cfg
        working-directory: ProjectMakotoPreview/

      - name: Build Makoto Plugins
        run: sh build_all.sh 1
        working-directory: ProjectMakotoPreview/OfficialPlugins/

      - name: Create plugins directory
        run: mkdir Plugins
        working-directory: ProjectMakotoPreview/ProjectMakoto/build

      - name: Move plugins into directory
        run: mv ../OfficialPlugins/*.pmpl build/Plugins/
        working-directory: ProjectMakotoPreview/ProjectMakoto/

      - name: Commit new trusted hashes
        working-directory: ProjectMakotoPreview/
        run: |
          git clone https://github.com/Fortunevale/ProjectMakoto.TrustedPlugins
          cd ProjectMakoto.TrustedPlugins
          mv ../OfficialPlugins/trusted_manifests/*.json hashes/
          git config --global user.name 'Project Makoto'
          git config --global user.email 'ichigo@aitsys.dev'
          git remote set-url origin https://x-access-token:${{ secrets.PROJECT_MAKOTO_ACCESS_TOKEN }}@github.com/Fortunevale/ProjectMakoto.TrustedPlugins
          git add -A
          git commit -am "Add new preview hashes"
          git push

      - name: Sleep for 10 seconds
        run: sleep 10
        shell: bash

      - name: Deploy to Preview Server
        if: ${{ !github.event.act }} # skip during local actions testing
        run: rsync -avz --delete --force -e "ssh -p ${{ secrets.SSH_PORT }}" . ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_SERVER }}:/home/${{ secrets.SSH_USERNAME }}/Bots/latestProjectIchigoPreview/
        working-directory: ProjectMakotoPreview/ProjectMakoto/build/

      - name: Send Update Signal to Preview Client
        if: ${{ !github.event.act }} # skip during local actions testing
        run: ssh ${{ secrets.SSH_USERNAME }}@${{ secrets.SSH_SERVER }} -p ${{ secrets.SSH_PORT }} touch /home/${{ secrets.SSH_USERNAME }}/Bots/ProjectIchigoPreview/updated

      - name: Create Zip File from Build
        run: zip -r Release.zip build
        working-directory: ProjectMakotoPreview/ProjectMakoto/

      - name: Truncate String
        uses: 2428392/gh-truncate-string-action@v1.3.0
        id: truncatedString
        with:
          stringToTruncate: ${{ github.sha }}
          maxLength: 10

      - name: Create Release
        if: ${{ !github.event.act }} # skip during local actions testing
        uses: ncipollo/release-action@v1.14.0
        with:
          artifacts: "ProjectMakotoPreview/ProjectMakoto/Release.zip"
          generateReleaseNotes: true
          prerelease: true
          tag: ${{ steps.truncatedString.outputs.string }}-pre
          commit: ${{ github.sha }}

      - name: Cleanup
        run: rm -rf ProjectMakotoPreview/
        if: always()