stages:
- prepare

preconditions_failed:
  stage: .pre
  image: alpine:3.19
  script:
  - |
    echo "To use Unbound Release, a UNBOUND_RELEASE_TOKEN environment variable needs to be defined."
    echo "It needs API access to write repository files, create MRs and releases and it needs at least Developer access."
    echo " "
    echo "See more info here:"
    echo "Personal Access Tokens: https://docs.gitlab.com/ee/user/profile/personal_access_tokens.html"
    echo "Project Access Tokens: https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html"
    echo "Group Access Tokens: https://docs.gitlab.com/ee/user/group/settings/group_access_tokens.html"
  - 'false'
  rules:
  - if: $UNBOUND_RELEASE_TOKEN == null

changelog:
  stage: .pre
  image:
    name: orhunp/git-cliff:latest
    entrypoint: [ "" ]
  variables:
    GIT_STRATEGY: clone # clone entire repo instead of reusing workspace
    GIT_DEPTH: 0 # avoid shallow clone to give cliff all the info it needs
  script:
  - 'echo "Generating changelog"'
  - 'git-cliff --bump > CHANGELOG.md'
  - 'echo "Bumping version"'
  - 'git-cliff --bumped-version 2>/dev/null > VERSION'
  artifacts:
    paths:
    - CHANGELOG.md
    - VERSION
  rules:
  - if: $UNBOUND_RELEASE_TOKEN == null
    when: never
  - if: '$CI_COMMIT_TITLE =~ /^chore\(release\): prepare for .*$/'
    when: never
  - if: $CI_DEFAULT_BRANCH == $CI_COMMIT_BRANCH

handle_mr:
  stage: .pre
  image: alpine:latest
  needs:
  - changelog
  before_script:
  - 'apk add --no-cache jq curl'
  script:
  - |
    echo "Fetching existing release MRs"
    MRS=$(curl -s \
            -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
            "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/merge_requests?state=opened&source_branch=next-release")
    BRANCHES=$(curl -s \
            -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
            "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/repository/branches?regex=^next-release\$")
    MR=$(echo "${MRS}" | jq ".[].iid")
    BRANCH=$(echo "${BRANCHES}" | jq ".[].name")
    TITLE="chore(release): prepare for $(cat VERSION)"
    CONTENT="$(base64 -w0 <CHANGELOG.md)"
    BODY_TMPL='{"branch": "next-release", "start_branch": $startBranch, "author_email": "releaser@unbound.se", "author_name": "Unbound Release", "content": $content, "commit_message": $title, "encoding": "base64" }'
    if [ -n "${BRANCH}" ]; then
      BODY_TMPL='{"branch": "next-release", "author_email": "releaser@unbound.se", "author_name": "Unbound Release", "content": $content, "commit_message": $title, "encoding": "base64" }'
    fi
    BODY="$(jq --null-input -c \
              --arg title "${TITLE}" \
              --arg content "${CONTENT}" \
              --arg startBranch "${CI_DEFAULT_BRANCH}" \
              "${BODY_TMPL}")"
    curl -s -X PUT \
      -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
      -H "Content-Type: application/json" \
      --data "${BODY}" \
        "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/repository/files/CHANGELOG%2Emd"
    if [ -n "${MR}" ]; then
      echo "Updating existing MR"
      echo "Rebasing branch"
      curl -s -X PUT \
        -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
        -H "Content-Type: application/json" \
        "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/merge_requests/${MR}/rebase"
      echo "Updating title"
      BODY_TMPL='{"target_branch":$target,"title":$title,"remove_source_branch":true,"squash":true}'
      BODY=$(jq --null-input -c \
              --arg title "${TITLE}" \
              --arg target "${CI_DEFAULT_BRANCH}" \
              "${BODY_TMPL}")
      curl -s -X PUT \
        -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
        -H "Content-Type: application/json" \
        --data "${BODY}" \
        "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/merge_requests/${MR}"
    else
      echo "Creating new MR"
      BODY_TMPL='{"source_branch":"next-release","target_branch":$target,"title":$title,"remove_source_branch":true,"squash":true}'
      BODY=$(jq --null-input -c \
              --arg title "${TITLE}" \
              --arg target "${CI_DEFAULT_BRANCH}" \
              "${BODY_TMPL}")
      curl -s -X POST \
        -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
        -H "Content-Type: application/json" \
        --data "${BODY}" \
        "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/merge_requests"
    fi
  rules:
  - if: $UNBOUND_RELEASE_TOKEN == null
    when: never
  - if: '$CI_COMMIT_TITLE =~ /^chore\(release\): prepare for .*$/'
    when: never
  - if: $CI_DEFAULT_BRANCH == $CI_COMMIT_BRANCH

prepare_release:
  stage: .pre
  image:
    name: orhunp/git-cliff:latest
    entrypoint: [ "" ]
  variables:
    GIT_STRATEGY: clone # clone entire repo instead of reusing workspace
    GIT_DEPTH: 0 # avoid shallow clone to give cliff all the info it needs
  script:
  - 'echo "Generating changelog"'
  - 'git-cliff --bump --unreleased --strip header > CHANGES.md'
  - 'echo "Bumping version"'
  - 'git-cliff --bumped-version 2>/dev/null > VERSION'
  artifacts:
    paths:
    - CHANGES.md
    - VERSION
  rules:
  - if: $UNBOUND_RELEASE_TOKEN == null
    when: never
  - if: $CI_DEFAULT_BRANCH != $CI_COMMIT_BRANCH
    when: never
  - if: '$CI_COMMIT_TITLE =~ /^chore\(release\): prepare for .*$/'

release:
  stage: .pre
  image: alpine:latest
  needs:
  - prepare_release
  before_script:
  - 'apk add --no-cache jq curl'
  script:
  - |
    echo "Creating release"
    NAME="$(cat VERSION)"
    MESSAGE="$(cat CHANGES.md)"
    BODY_TMPL='{"name":$name,"tag_name":$name,"tag_message":$name,"description":$message,"ref":$ref}'
    BODY="$(jq --null-input -c \
              --arg name "${NAME}" \
              --arg message "${MESSAGE}" \
              --arg ref "${CI_DEFAULT_BRANCH}" \
              "${BODY_TMPL}")"
    curl -s -X POST \
      -H "Authorization: Bearer ${UNBOUND_RELEASE_TOKEN}" \
      -H "Content-Type: application/json" \
      --data "${BODY}" \
        "https://gitlab.com/api/v4/projects/${CI_PROJECT_ID}/releases"
  rules:
  - if: $UNBOUND_RELEASE_TOKEN == null
    when: never
  - if: $CI_DEFAULT_BRANCH != $CI_COMMIT_BRANCH
    when: never
  - if: '$CI_COMMIT_TITLE =~ /^chore\(release\): prepare for .*$/'