name: Build and Publish Deb Package
on:
  push:
    tags: ["v*"]

jobs:
  build:
    runs-on: self-hosted
    steps:
      - name: Build and publish
        env:
          KUBECONFIG_B64: ${{ secrets.KUBECONFIG }}
        run: |
          set -euo pipefail

          # Checkout
          WORKDIR=$(mktemp -d)
          cd "$WORKDIR"
          git clone "$GITHUB_SERVER_URL/$GITHUB_REPOSITORY.git" src
          cd src
          git checkout "$GITHUB_SHA"

          # Build .deb
          VERSION="${GITHUB_REF_NAME#v}"
          PKG_NAME="${GITHUB_REPOSITORY##*/}"
          echo "Building ${PKG_NAME} version ${VERSION}"

          sed -i "s/^Version:.*/Version: ${VERSION}/" debian/control
          mv debian DEBIAN

          DEB_NAME="${PKG_NAME}_${VERSION}_amd64.deb"
          dpkg-deb --build --root-owner-group . "${WORKDIR}/${DEB_NAME}"
          echo "Built ${DEB_NAME}"

          # Setup kubeconfig
          mkdir -p ~/.kube
          echo "$KUBECONFIG_B64" | base64 -d > ~/.kube/config
          chmod 600 ~/.kube/config

          # Install kubectl if needed
          if ! command -v kubectl &>/dev/null; then
            curl -sLO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
            sudo install kubectl /usr/local/bin/kubectl
          fi

          # Publish to repo
          POD=$(kubectl get pod -n pkg-repo -l app=pkg-repo -o jsonpath='{.items[0].metadata.name}')
          kubectl cp "${WORKDIR}/${DEB_NAME}" "pkg-repo/${POD}:/incoming/${DEB_NAME}" -c reprepro
          kubectl exec -n pkg-repo "${POD}" -c reprepro -- \
            reprepro -b /repo/debian includedeb trixie "/incoming/${DEB_NAME}"
          kubectl exec -n pkg-repo "${POD}" -c reprepro -- \
            rm -f "/incoming/${DEB_NAME}"

          # Cleanup
          rm -rf "$WORKDIR" ~/.kube/config

          echo "Published ${DEB_NAME} to repo.n0ball.tw"