name: Nightly Release

on:
  schedule:
    - cron: "0 5 * * *" # 05:00 UTC daily
  workflow_dispatch: {}   # allow manual runs too

permissions:
  contents: read
  packages: write

env:
  REGISTRY_IMAGE: ghcr.io/${{ github.repository }}

jobs:
  nightly-build-and-push:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      
      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: latest

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: pnpm
          cache-dependency-path: '**/pnpm-lock.yaml'

      - name: Install dependencies (root)
        run: pnpm install --frozen-lockfile

      - name: Run tests
        run: pnpm run test

      - name: Build web package
        working-directory: packages/web
        run: pnpm run build

      - name: Package output
        working-directory: packages/web
        run: pnpm run package

      - name: Upload compressed build (artifact)
        uses: actions/upload-artifact@v4
        with:
          name: web-build-nightly
          path: packages/web/dist/build.tar
          if-no-files-found: error

      - name: Determine nightly tag
        id: meta
        shell: bash
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          set -euo pipefail
          DATE="$(date -u +%Y%m%d)"
          SHORTSHA="$(git rev-parse --short=12 HEAD)"
          # Try to use latest release tag if it exists; fallback to package version; else date
          LATEST_TAG="$(gh release view --json tagName --jq .tagName 2>/dev/null || true)"
          if [ -z "$LATEST_TAG" ] && [ -f packages/web/package.json ]; then
            LATEST_TAG="v$(jq -r .version packages/web/package.json)"
          fi
          if [ -n "$LATEST_TAG" ] && [ "$LATEST_TAG" != "vnull" ]; then
            TAG="nightly-${LATEST_TAG}-${SHORTSHA}"
          else
            TAG="nightly-${DATE}-${SHORTSHA}"
          fi
          echo "tag=$TAG"        >> "$GITHUB_OUTPUT"
          echo "tags=nightly, $TAG" >> "$GITHUB_OUTPUT"
          echo "Resolved nightly tags: nightly, $TAG"

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Build Container Image (multi-arch)
        id: build-container
        uses: redhat-actions/buildah-build@v2
        with:
          containerfiles: |
            ./packages/web/infra/Containerfile
          image: ${{ env.REGISTRY_IMAGE }}
          tags: ${{ steps.meta.outputs.tags }}
          oci: true
          platforms: linux/amd64, linux/arm64
          labels: |
            org.opencontainers.image.source=${{ github.repository }}
            org.opencontainers.image.revision=${{ github.sha }}
            org.opencontainers.image.created=${{ github.run_id }}

      - name: Push To GHCR
        id: push-to-registry
        uses: redhat-actions/push-to-registry@v2
        with:
          image: ${{ steps.build-container.outputs.image }}
          tags: ${{ steps.build-container.outputs.tags }}
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Print image URL
        run: echo "Image pushed to ${{ steps.push-to-registry.outputs.registry-paths }}"