name: "Charts: Release to GHCR OCI"

on:
  workflow_call:
    inputs:
      charts:
        description: >
          Json encoded list of Helm charts to release.
          Defaults to releasing everything.
        default: "[]"
        required: false
        type: string
    secrets:
      BJWS_APP_ID:
        required: true
      BJWS_APP_PRIVATE_KEY:
        required: true

env:
  HELM_VERSION: 3.11.1

jobs:
  release-charts:
    name: Release charts
    runs-on: ubuntu-22.04
    steps:
      - name: Get GitHub API token
        id: get-app-token
        uses: getsentry/action-github-app-token@v1
        with:
          app_id: ${{ secrets.BJWS_APP_ID }}
          private_key: ${{ secrets.BJWS_APP_PRIVATE_KEY }}

      - name: Login to GitHub Container Registry
        id: login-to-ghcr
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.BJWS_APP_PRIVATE_KEY }}

      - name: Checkout charts branch
        uses: actions/checkout@v3
        with:
          token: ${{ steps.get-app-token.outputs.token }}
          path: "src"
          fetch-depth: 0

      - name: Install Kubernetes tools
        uses: yokawasa/action-setup-kube-tools@v0.8.2
        with:
          setup-tools: |
            helmv3
          helm: "${{ env.HELM_VERSION }}"

      - name: Package & Push Helm Charts
        shell: bash
        env:
          SRC_DIR: "src/charts"
        run: |
          CHARTS=( $(yq --null-input e '${{ inputs.charts }}[]' ) )

          for CHART in "${CHARTS[@]}" ; do
            mapfile -t CHART_PATH_PARTS < <(echo "$CHART" | tr '/' '\n')
            CHART_TYPE=${CHART_PATH_PARTS[0]}

            helm dep up "${SRC_DIR}/${CHART}"
            helm package "${SRC_DIR}/${CHART}" -u
            helm push ${CHART} oci://ghcr.io/${{ github.actor }}
          done