on:
  workflow_call:
    inputs:
      nfpm_file_pattern:
        type: string
        description: The pattern of the nfpm configuration file(s)
        required: true
      distrib:
        type: string
        description: The distrib
        required: true
      package_extension:
        type: string
        description: The package extension (deb or rpm)
        required: true
      image_name:
        type: string
        description: The image name
        required: true
      version:
        type: string
        description: The package version
        required: false
      release:
        type: string
        description: The release number
        required: false
      source_cache_key:
        type: string
        description: The source files cache key
        required: false
      source_cache_path:
        type: string
        description: The source files path
        required: false
      cache_key:
        type: string
        description: The package files cache key
        required: true

jobs:
  package:
    runs-on: ubuntu-22.04
    container:
      image: ${{ vars.DOCKER_INTERNAL_REGISTRY_URL }}/${{ inputs.image_name }}
      credentials:
        username: ${{ secrets.DOCKER_REGISTRY_ID }}
        password: ${{ secrets.DOCKER_REGISTRY_PASSWD }}

    steps:
      - name: Checkout sources
        uses: actions/checkout@v3

      - name: Import gpg key
        env:
          RPM_GPG_SIGNING_KEY: ${{ secrets.RPM_GPG_SIGNING_KEY }}
        run: echo -n "$RPM_GPG_SIGNING_KEY" > key.gpg
        shell: bash

      - if: ${{ inputs.source_cache_key != '' && inputs.source_cache_path != '' }}
        name: Import source files
        uses: actions/cache/restore@v3
        with:
          path: ${{ inputs.source_cache_path }}
          key: ${{ inputs.source_cache_key }}
          fail-on-cache-miss: true

      - name: Build ${{ inputs.package_extension }} files
        env:
          RPM_GPG_SIGNING_KEY_ID: ${{ secrets.RPM_GPG_SIGNING_KEY_ID }}
          RPM_GPG_SIGNING_PASSPHRASE: ${{ secrets.RPM_GPG_SIGNING_PASSPHRASE }}
        run: |
          export VERSION="${{ inputs.version }}"
          export RELEASE="${{ inputs.release }}"

          if  [ "${{ inputs.package_extension }}" = "rpm" ]; then
            export DIST=".${{ inputs.distrib }}"
            export APACHE_USER="apache"
            export APACHE_GROUP="apache"
          else
            export DIST=""
            export APACHE_USER="www-data"
            export APACHE_GROUP="www-data"
          fi

          export PERL_SITELIB="$(eval "$(perl -V:installsitelib)"; echo $installsitelib)"
          export PERL_VENDORLIB="$(eval "$(perl -V:installvendorlib)"; echo $installvendorlib)"

          export RPM_SIGNING_KEY_FILE="$(pwd)/key.gpg"
          export RPM_SIGNING_KEY_ID="$RPM_GPG_SIGNING_KEY_ID"
          export NFPM_RPM_PASSPHRASE="$RPM_GPG_SIGNING_PASSPHRASE"

          for FILE in ${{ inputs.nfpm_file_pattern }}; do
            DIRNAME=$(dirname $FILE)
            BASENAME=$(basename $FILE)
            cd $DIRNAME
            sed -i \
              "s/@COMMIT_HASH@/${{ github.sha }}/g; s#@PERL_SITELIB@#${PERL_SITELIB}#g; s#@PERL_VENDORLIB@#${PERL_VENDORLIB}#g" \
              $BASENAME
            nfpm package --config $BASENAME --packager ${{ inputs.package_extension }}
            cd -
            mv $DIRNAME/*.${{ inputs.package_extension }} ./
          done
        shell: bash

      - name: Upload package artifacts
        uses: actions/upload-artifact@v3
        with:
          name: packages-${{ inputs.distrib }}
          path: ./*.${{ inputs.package_extension }}
          retention-days: 1

      - name: Cache packages
        uses: actions/cache@v3
        with:
          path: ./*.${{ inputs.package_extension }}
          key: ${{ inputs.cache_key }}