.github/workflows/pr-build.yml

on: push

defaults:
  run:
    shell: bash

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sidecar project
        uses: actions/checkout@v4

      - name: Setup Go environment
        uses: actions/setup-go@v5
        with:
          go-version: '1.21'

      - name: "compile"
        run: |
          go version
          go mod vendor
          make test
          make build-all

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USER }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      - name: Sign Windows binaries
        run: >
          docker run --rm
          -e "CODESIGN_USER=$CODESIGN_USER"
          -e "CODESIGN_PASS=$CODESIGN_PASS"
          -e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET"
          -e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID"
          -v $(pwd):/home/jenkins
          graylog/internal-codesigntool:latest
          make sign-binaries
        env:
          CODESIGN_USER: ${{ secrets.CODESIGN_USER }}
          CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }}
          CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }}
          CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }}

      - name: Build packages
        run: mkdir dist/pkg && docker run --rm -v $(pwd):/home torch/jenkins-fpm-cook-root:latest sh -c "cd /home && make package-all"

      - name: Sign Windows Installer
        run: >
          docker run --rm
          -e "CODESIGN_USER=$CODESIGN_USER"
          -e "CODESIGN_PASS=$CODESIGN_PASS"
          -e "CODESIGN_TOTP_SECRET=$CODESIGN_TOTP_SECRET"
          -e "CODESIGN_CREDENTIAL_ID=$CODESIGN_CREDENTIAL_ID"
          -v $(pwd):/home/jenkins
          graylog/internal-codesigntool:latest
          make sign-windows-installer
        env:
          CODESIGN_USER: ${{ secrets.CODESIGN_USER }}
          CODESIGN_PASS: ${{ secrets.CODESIGN_PASS }}
          CODESIGN_TOTP_SECRET: ${{ secrets.CODESIGN_TOTP_SECRET }}
          CODESIGN_CREDENTIAL_ID: ${{ secrets.CODESIGN_CREDENTIAL_ID }}

      - name: Chocolatey Pack
        run: >
          docker build -f docker/Dockerfile.chocolatey docker/ -t local/chocolatey &&
          docker run --rm -v $(pwd):/root local/chocolatey make package-chocolatey

      - name: Create checksums
        run: cd dist/pkg && sha256sum * | tee CHECKSUMS-SHA256.txt

      - name: Archive artifacts
        uses: actions/upload-artifact@v3
        with:
          name: sidecar-artifacts
          retention-days: 14
          path: |
            dist/pkg