name: Prepare

permissions:
  # To create a draft release
  contents: write
  # To sign artifacts.
  id-token: write

on:
  workflow_call:
    inputs:
      ref:
        required: true
        description: "GitHub ref to use"
        type: string
      version:
        required: true
        description: "Version to produce"
        type: string
      project:
        required: true
        description: "Project name, e.g.: the repository name"
        type: string
      release-notes:
        required: true
        description: "Release notes"
        type: string
      prerelease:
        required: false
        default: true
        description: "Whether to create a prerelease"
        type: boolean
      draft:
        required: false
        default: true
        description: "Whether to create a draft release"
        type: boolean

env:
  PULUMI_VERSION: ${{ inputs.version }}

jobs:
  sign:
    name: sign
    uses: ./.github/workflows/sign.yml
    with:
      ref: ${{ inputs.ref }}
      version: ${{ inputs.version }}

  publish:
    name: release
    needs: [sign]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}
      - name: Get commit hash
        id: commit-info
        run: |
          SHA=$(git rev-parse HEAD)
          ./.github/scripts/set-output sha "$SHA"
      - name: Download all artifacts
        uses: actions/download-artifact@v2
        with:
          path: artifacts.tmp
      - name: Rename SDKs
        # This step must match the rename SDKs step in the "sign" job above.
        run: |
          (
            cd artifacts.tmp/artifacts-python-sdk
            for file in *.whl ; do
              mv -vT "$file" "sdk-python-$file"
            done
          )
          (
            cd artifacts.tmp/artifacts-nodejs-sdk
            for file in *.tgz ; do
              mv -vT "$file" "sdk-nodejs-$file"
            done
          )
      - name: Flatten artifact directories
        run: |
          mkdir -p ./artifacts
          mv ./artifacts.tmp/artifacts-*/* ./artifacts
      - uses: ncipollo/release-action@3d2de22e3d0beab188d8129c27f103d8e91bf13a
        with:
          token: ${{ secrets.PULUMI_BOT_TOKEN }}
          name: v${{ inputs.version }}
          tag: v${{ inputs.version }}
          commit: "${{ fromJSON(steps.commit-info.outputs.sha) }}"
          draft: ${{ inputs.draft }}
          prerelease: ${{ inputs.prerelease }}
          allowUpdates: true

          body: |
            ${{ inputs.release-notes }}

          removeArtifacts: true
          replacesArtifacts: true
          artifactErrorsFailBuild: true
          artifacts: |
            artifacts/*