.github/workflows/build.yml

name: CI

on:
  push:
    branches:
      - '**' # Run on all branches, ignore tags.
  pull_request:

env:
  GRADLE_OPTS: "-Dorg.gradle.internal.launcher.welcomeMessageEnabled=false"

concurrency:
  cancel-in-progress: true
  group: build-${{ github.event.pull_request.number || github.event.after }}

jobs:
  test-matrix:
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-latest
            tasks: check
          - os: windows-latest
            tasks: mingwX64Test
          - os: macos-13
            tasks: macosX64Test iosX64Test tvosX64Test watchosX64Test
          - os: macos-latest
            tasks: macosArm64Test iosSimulatorArm64Test tvosSimulatorArm64Test watchosSimulatorArm64Test
    runs-on: ${{ matrix.os }}
    name: Test on ${{ matrix.os }}
    steps:
      - name: Check out code
        uses: actions/checkout@v4.2.2
        with:
          fetch-depth: 0

      - name: Validate Gradle wrapper
        uses: gradle/actions/wrapper-validation@v4.1.0

      - name: Set up JDK
        uses: actions/setup-java@v4.5.0
        with:
          java-version: 17
          distribution: temurin

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4.1.0

      - name: Cache konan dependencies
        uses: actions/cache@v4
        with:
          path: ~/.konan
          key: ${{ runner.os }}-gradle-${{ hashFiles('*.gradle.kts') }}
          restore-keys: |
              ${{ runner.os }}-gradle-

      - name: Build
        run: ./gradlew ${{ matrix.tasks }}

  publish:
    name: "Build and Publish"
    needs:
      - test-matrix
    runs-on: macos-latest
    env:
      TERM: xterm-256color
      GPG_KEY_ID: 6D76AD03 # Run `gpg -K` to get this, take last eight characters

    permissions:
      contents: write # Required to be able to publish releases, see https://docs.github.com/en/rest/reference/permissions-required-for-github-apps#permission-on-contents
      issues: write
      pull-requests: write

    steps:
      - name: Check out code
        uses: actions/checkout@v4.2.2
        with:
          fetch-depth: 0

      - name: Validate Gradle wrapper
        uses: gradle/actions/wrapper-validation@v4.1.0

      - name: Set up JDK
        uses: actions/setup-java@v4.5.0
        with:
          java-version: 17
          distribution: temurin

      - name: Setup Node.js
        uses: actions/setup-node@v4.1.0
        with:
          node-version: 20

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v4.1.0

      - name: Cache konan dependencies
        uses: actions/cache@v4
        with:
          path: ~/.konan
          key: ${{ runner.os }}-gradle-${{ hashFiles('*.gradle.kts') }}
          restore-keys: |
            ${{ runner.os }}-gradle-

      - name: Install release tooling
        run: npm --prefix=.github/workflows/release clean-install

      - name: Create release
        run: npx --prefix=.github/workflows/release semantic-release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        if: github.repository == 'charleskorn/kaml' && github.ref == 'refs/heads/main' && github.event_name == 'push'

      - name: Build
        run: ./gradlew assemble

      - name: Get tag
        id: get_tag
        run: |
          if git describe --tags --abbrev=0 --exact-match >/dev/null; then
            echo "tag=$(git describe --tags --abbrev=0 --exact-match)" >> $GITHUB_OUTPUT
          else
            echo "skip=true" >> $GITHUB_OUTPUT
          fi
        if: github.repository == 'charleskorn/kaml' && github.ref == 'refs/heads/main' && github.event_name == 'push'

      - name: Assemble release
        run: ./gradlew assembleRelease
        env:
          GPG_KEY_RING: ${{ secrets.GPG_KEY_RING }} # Run `gpg --export-secret-keys "<key user name goes here>" | base64` to get this
          GPG_KEY_PASSPHRASE: ${{ secrets.GPG_KEY_PASSPHRASE }}
        if: github.repository == 'charleskorn/kaml' && github.ref == 'refs/heads/main' && github.event_name == 'push' && steps.get_tag.outputs.skip != 'true'

      - name: Publish release
        run: ./gradlew publishRelease
        env:
          OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
          GPG_KEY_RING: ${{ secrets.GPG_KEY_RING }} # Run `gpg --export-secret-keys "<key user name goes here>" | base64` to get this
          GPG_KEY_PASSPHRASE: ${{ secrets.GPG_KEY_PASSPHRASE }}
        if: github.repository == 'charleskorn/kaml' && github.ref == 'refs/heads/main' && github.event_name == 'push' && steps.get_tag.outputs.skip != 'true'

      - name: Add artifacts to GitHub release
        uses: softprops/action-gh-release@v2.0.9
        with:
          tag_name: ${{ steps.get_tag.outputs.tag }}
          files: build/release/*
          fail_on_unmatched_files: true
          draft: false
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        if: github.repository == 'charleskorn/kaml' && github.ref == 'refs/heads/main' && github.event_name == 'push' && steps.get_tag.outputs.skip != 'true'