name: authentik-on-release

on:
  release:
    types: [published, created]
  push:
    branches:
      - version-*

jobs:
  # Build
  build-server:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1.2.0
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Docker Login Registry
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Building Docker Image
        uses: docker/build-push-action@v2
        with:
          push: ${{ github.event_name == 'release' }}
          tags: |
            beryju/authentik:2021.7.1-rc1,
            beryju/authentik:latest,
            ghcr.io/goauthentik/server:2021.7.1-rc1,
            ghcr.io/goauthentik/server:latest
          platforms: linux/amd64,linux/arm64
          context: .
      - name: Building Docker Image (stable)
        if: ${{ github.event_name == 'release' && !contains('2021.7.1-rc1', 'rc') }}
        run: |
          docker pull beryju/authentik:latest
          docker tag beryju/authentik:latest beryju/authentik:stable
          docker push beryju/authentik:stable
          docker pull ghcr.io/goauthentik/server:latest
          docker tag ghcr.io/goauthentik/server:latest ghcr.io/goauthentik/server:stable
          docker push ghcr.io/goauthentik/server:stable
  build-proxy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-go@v2
        with:
          go-version: "^1.15"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1.2.0
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Docker Login Registry
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Building Docker Image
        uses: docker/build-push-action@v2
        with:
          push: ${{ github.event_name == 'release' }}
          tags: |
            beryju/authentik-proxy:2021.7.1-rc1,
            beryju/authentik-proxy:latest,
            ghcr.io/goauthentik/proxy:2021.7.1-rc1,
            ghcr.io/goauthentik/proxy:latest
          file: proxy.Dockerfile
          platforms: linux/amd64,linux/arm64
      - name: Building Docker Image (stable)
        if: ${{ github.event_name == 'release' && !contains('2021.7.1-rc1', 'rc') }}
        run: |
          docker pull beryju/authentik-proxy:latest
          docker tag beryju/authentik-proxy:latest beryju/authentik-proxy:stable
          docker push beryju/authentik-proxy:stable
          docker pull ghcr.io/goauthentik/proxy:latest
          docker tag ghcr.io/goauthentik/proxy:latest ghcr.io/goauthentik/proxy:stable
          docker push ghcr.io/goauthentik/proxy:stable
  build-ldap:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-go@v2
        with:
          go-version: "^1.15"
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v1.2.0
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v1
      - name: Docker Login Registry
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v1
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Building Docker Image
        uses: docker/build-push-action@v2
        with:
          push: ${{ github.event_name == 'release' }}
          tags: |
            beryju/authentik-ldap:2021.7.1-rc1,
            beryju/authentik-ldap:latest,
            ghcr.io/goauthentik/ldap:2021.7.1-rc1,
            ghcr.io/goauthentik/ldap:latest
          file: ldap.Dockerfile
          platforms: linux/amd64,linux/arm64
      - name: Building Docker Image (stable)
        if: ${{ github.event_name == 'release' && !contains('2021.7.1-rc1', 'rc') }}
        run: |
          docker pull beryju/authentik-ldap:latest
          docker tag beryju/authentik-ldap:latest beryju/authentik-ldap:stable
          docker push beryju/authentik-ldap:stable
          docker pull ghcr.io/goauthentik/ldap:latest
          docker tag ghcr.io/goauthentik/ldap:latest ghcr.io/goauthentik/ldap:stable
          docker push ghcr.io/goauthentik/ldap:stable
  test-release:
    needs:
      - build-server
      - build-proxy
      - build-ldap
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Run test suite in final docker images
        run: |
          sudo apt-get install -y pwgen
          echo "PG_PASS=$(pwgen 40 1)" >> .env
          echo "AUTHENTIK_SECRET_KEY=$(pwgen 50 1)" >> .env
          docker-compose pull -q
          docker-compose up --no-start
          docker-compose start postgresql redis
          docker-compose run -u root server test
  sentry-release:
    if: ${{ github.event_name == 'release' }}
    needs:
      - test-release
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Node.js environment
        uses: actions/setup-node@v2.3.0
        with:
          node-version: 12.x
      - name: Build web api client and web ui
        run: |
          export NODE_ENV=production
          make gen-web
          cd web
          npm i
          npm run build
      - name: Create a Sentry.io release
        uses: getsentry/action-release@v1
        if: ${{ github.event_name == 'release' }}
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: beryjuorg
          SENTRY_PROJECT: authentik
          SENTRY_URL: https://sentry.beryju.org
        with:
          version: authentik@2021.7.1-rc1
          environment: beryjuorg-prod
          sourcemaps: './web/dist'