name: "Machine OS PR"

on:
  pull_request_target:
    paths:
      - 'version/rawversion/version.go'

concurrency:
  # Cancel other in-progress runs on re-pushes
  group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
  cancel-in-progress: true

jobs:
  podman-image-build-pr:
    name: Open PR on podman-machine-os
    runs-on: ubuntu-latest
    permissions:
      contents: read
      issues: write
      pull-requests: write
    env:
      SHA: ${{github.event.pull_request.head.sha}}
      UPSTREAM_MACHINE_OS: "containers/podman-machine-os"
      PODMAN_REPO: "containers/podman"
    steps:

      - name: Get version
        id: getversion
        run: |
          VERSION=$(curl "https://raw.githubusercontent.com/$PODMAN_REPO/$SHA/version/rawversion/version.go" | sed -n 's/^const RawVersion = \"\([0-9]\+\.[0-9]\+\.[0-9]\+\(-rc[0-9]\+\|-dev\)\?\)"$/\1/p')
          # ignore -dev version bumps unless on main
          if [[ -z "$VERSION" ]] ; then
            echo "::error:: Invalid version string"
            exit 1
          elif [[ $VERSION == *-dev ]] ; then
            echo "::warning:: SKIPPING: dev bump"
          elif [[ ${{github.base_ref}} == "main" ]] ; then
            echo "::warning:: SKIPPING: main branch"
          elif [[ ${{github.base_ref}} == *-rhel ]] ; then
            echo "::warning:: SKIPPING: rhel branch"
          else
            echo "update=true" >> "$GITHUB_OUTPUT"
          fi
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"

      - name: Check machine-os-branch
        if: steps.getversion.outputs.update == 'true'
        run: |
          if ! (curl -s https://api.github.com/repos/$UPSTREAM_MACHINE_OS/branches| jq -e --arg branch "${{github.base_ref}}" '.[] | select(.name==$branch)') ; then
            echo "::error:: Release branch does not exist."
            echo "::error:: Please push $branch to $UPSTREAM_MACHINE_OS, then re-run this task."
            exit 1
          fi

      - name: Label
        if: steps.getversion.outputs.update == 'true'
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          GH_REPO: ${{ github.repository }}
        run: |
          gh pr edit --add-label do-not-merge/wait-machine-os-build ${{github.event.number}}

      - name: Install wait-for-copr
        if: steps.getversion.outputs.update == 'true'
        run: |
          pip3 install git+https://github.com/packit/wait-for-copr.git@main

      - uses: actions/checkout@v5
        if: steps.getversion.outputs.update == 'true'
        id: checkout
        with:
          repository: containers/podman-machine-os
          ref: ${{github.base_ref}}
          token: ${{secrets.PODMANBOT_TOKEN}}

      - name: Bump version
        if: steps.getversion.outputs.update == 'true'
        env:
          VERS: ${{steps.getversion.outputs.version}}
        run: |
          update=$(printf 's/export PODMAN_VERSION=".*"/export PODMAN_VERSION="%s"/g\n' "$VERS")
          sed -i "$update" podman-rpm-info-vars.sh
          sed -i 's/export PODMAN_PR_NUM=".*"/export PODMAN_PR_NUM="${{github.event.number}}"/g' podman-rpm-info-vars.sh
          echo "Updated file:"
          cat podman-rpm-info-vars.sh

      - name: Wait for COPR build
        if: steps.getversion.outputs.update == 'true'
        run: |
          wait-for-copr \
          --owner packit \
          --project containers-podman-${{github.event.number}} \
          podman \
          ${SHA::9}

      - name: Push
        if: steps.getversion.outputs.update == 'true'
        run: |
          # Make committer the user who triggered the action, either through cutting a release or manual trigger
          # GitHub gives everyone a noreply email associated with their account, use that email for the sign-off
          git config --local user.name ${{ github.actor }}
          git config --local user.email "${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com"
          bumpbranch="pr${{github.event.number}}"
          git checkout -b $bumpbranch
          git add podman-rpm-info-vars.sh
          git commit --signoff -m "Bump Podman to v${{ steps.getversion.outputs.version }}"
          git remote add podmanbot https://github.com/podmanbot/podman-machine-os
          git push -f podmanbot "$bumpbranch"

      - name: Check open PRs
        id: checkpr
        if: steps.getversion.outputs.update == 'true'
        run: |
          prs=$(gh pr list \
            --repo $UPSTREAM_MACHINE_OS \
            --head "pr${{github.event.number}}" \
            --state open \
            --json title \
            --jq 'length')
          if ((prs > 0)); then
            echo "::notice:: SKIPPING: PR already exists. Re-pushed to re-trigger build."
          else
            echo "openpr=true" >> "$GITHUB_OUTPUT"
          fi
        env:
          GH_TOKEN: ${{ secrets.PODMANBOT_TOKEN }}

      - name: Open PR
        if: steps.getversion.outputs.update == 'true' && steps.checkpr.outputs.openpr == 'true'
        id: pr
        run: |
          bumpbranch="pr${{github.event.number}}"
          body=$(printf 'Triggered by https://github.com/%s/pull/%s\n\n```release-note\nRelease v%s\n```\n' \
          "$PODMAN_REPO" "${{github.event.number}}" "${{ steps.getversion.outputs.version }}")
          uri=`gh pr create \
            --title "Bump Podman to v${{ steps.getversion.outputs.version }}" \
            --body  "$body" \
            --head "podmanbot:$bumpbranch" \
            --base "${{github.base_ref}}" \
            --repo $UPSTREAM_MACHINE_OS`
          echo "uri=$uri" >> "$GITHUB_OUTPUT"
        env:
          GH_TOKEN: ${{ secrets.PODMANBOT_TOKEN }}

      - name: Comment PR link
        if: steps.getversion.outputs.update == 'true' && steps.checkpr.outputs.openpr == 'true'
        uses: thollander/actions-comment-pull-request@v3
        with:
          message: "Building images at: ${{ steps.pr.outputs.uri }}"