name: continuous-integration

on:
  push:
    branches:
    - master
    - v[1-9].*
    - prep-v[1-9].*
    tags:
    - v[1-9].*
  pull_request:
    branches:
    - master
    - v[1-9].*
    - prep-v[1-9].*

permissions:
  contents: read

env:
  BUILDTIME_BASE: "golang:1.25.7-alpine3.23"
  RUNTIME_BASE: "alpine:3.23"
  GO_VERSION: "~1.25.7"
  GO_CACHE: "/home/runner/.cache/go-build"
  GO_MOD_CACHE: "/home/runner/go/pkg/mod"

jobs:
  # Runs Golangci-lint on the source code
  ci-go-lint:
    name: ci-go-lint
    runs-on: ubuntu-latest
    steps:
    - name: Check out code into the Go module directory
      uses: actions/checkout@v6

    - name: Set up Go 1.x
      uses: actions/setup-go@v6
      with:
        go-version: ${{ env.GO_VERSION }}
      id: go

    - name: Lint kube-router code
      run: |
        make lint

  # Executes Unit Tests
  ci-unit-tests:
    name: ci-unit-tests
    runs-on: ubuntu-latest
    steps:
    - name: Check out code into the Go module directory
      uses: actions/checkout@v6

    - name: Set up Go 1.x
      uses: actions/setup-go@v6
      with:
        go-version: ${{ env.GO_VERSION }}
      id: go

    - name: Run unit tests for kube-router
      run: |
        make test-pretty
      env:
        DOCKER_BUILD_IMAGE: ${{ env.BUILDTIME_BASE }}

  # Builds Kube-Router binary
  ci-build-kube-router:
    name: ci-build-kube-router
    runs-on: ubuntu-latest
    steps:
    - name: Check out code into the Go module directory
      uses: actions/checkout@v6

    - name: Set up Go 1.x
      uses: actions/setup-go@v6
      with:
        go-version: ${{ env.GO_VERSION }}
      id: go

    - name: Build kube-router
      run: |
        make kube-router

  # Builds Container only if a new push to main branch, a tag or a pull request from a source branch within the repository
  ci-build-container:
    runs-on: ubuntu-latest
    if: ${{ github.event_name != 'pull_request' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]') }}
    steps:
    - name: Checkout
      uses: actions/checkout@v6

    - name: Set up QEMU
      uses: docker/setup-qemu-action@v3

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Login to DockerHub
      uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}

    - name: Extract branch from github ref - New Push
      if: ${{ startsWith(github.ref, 'refs/tags/v') != true && github.event_name != 'pull_request' }}
      shell: bash
      run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
      id: extract_branch

    - name: Extract tag from github ref - New Release
      if: ${{ startsWith(github.ref, 'refs/tags/v') }}
      shell: bash
      run: echo "##[set-output name=tag;]$(echo ${GITHUB_REF#refs/tags/})"
      id: extract_tag

    - name: Build and push - New Push
      uses: docker/build-push-action@v6
      if: ${{ startsWith(github.ref, 'refs/tags/v') != true && github.event_name != 'pull_request' }}
      with:
        context: .
        platforms: |
          linux/amd64
          linux/arm64
          linux/arm/v7
          linux/s390x
          linux/ppc64le
        push: true
        build-args: |
          BUILDTIME_BASE=${{ env.BUILDTIME_BASE }}
          RUNTIME_BASE=${{ env.RUNTIME_BASE }}
        tags: cloudnativelabs/kube-router-git:${{ steps.extract_branch.outputs.branch }}

    - name: Build and push - New PR
      uses: docker/build-push-action@v6
      if: github.event_name == 'pull_request'
      with:
        context: .
        # Don't build multi arch images for PR as they take more than 30 min to build
        platforms: linux/amd64
        push: true
        build-args: |
          BUILDTIME_BASE=${{ env.BUILDTIME_BASE }}
          RUNTIME_BASE=${{ env.RUNTIME_BASE }}
        tags: cloudnativelabs/kube-router-git:PR-${{ github.event.pull_request.number }}

    # Tagging a release candidate, don't update latest
    - name: Build and push - New Tag (Release Candidate)
      uses: docker/build-push-action@v6
      if: ${{ startsWith(github.ref, 'refs/tags/v') && contains(github.ref, '-rc') }}
      with:
        context: .
        platforms: |
          linux/amd64
          linux/arm64
          linux/arm/v7
          linux/s390x
          linux/ppc64le
        push: true
        build-args: |
          BUILDTIME_BASE=${{ env.BUILDTIME_BASE }}
          RUNTIME_BASE=${{ env.RUNTIME_BASE }}
        tags: |
          cloudnativelabs/kube-router:${{ steps.extract_tag.outputs.tag }}

    # Tagging a proper release, update latest
    - name: Build and push - New Tag
      uses: docker/build-push-action@v6
      if: ${{ startsWith(github.ref, 'refs/tags/v') && ! contains(github.ref, '-rc') }}
      with:
        context: .
        platforms: |
          linux/amd64
          linux/arm64
          linux/arm/v7
          linux/s390x
          linux/ppc64le
        push: true
        build-args: |
          BUILDTIME_BASE=${{ env.BUILDTIME_BASE }}
          RUNTIME_BASE=${{ env.RUNTIME_BASE }}
        tags: |
          cloudnativelabs/kube-router:${{ steps.extract_tag.outputs.tag }}
          cloudnativelabs/kube-router:latest

  # Runs Go Releaser on Tag Event
  ci-goreleaser-tag:
    runs-on: ubuntu-latest
    if: ${{ startsWith(github.ref, 'refs/tags/v') }}
    permissions:
      contents: write
    steps:
    - name: Check out code into the Go module directory
      uses: actions/checkout@v6

    - name: Set up Go 1.x
      uses: actions/setup-go@v6
      with:
        go-version: ${{ env.GO_VERSION }}
      id: go

    - name: Run GoReleaser
      uses: goreleaser/goreleaser-action@v7
      with:
        version: "~> v2"
        distribution: goreleaser
        args: release --clean
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}