name: Release snapshot of PR
on:
  workflow_run:
    workflows: ["Build snapshot of PR"]
    types:
      - completed

env:
  REGISTRY_IMAGE: ghcr.io/museofficial/muse

jobs:
  release-and-comment:
    name: Release snapshot and comment in PR
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    steps:
      - name: Download images
        uses: actions/download-artifact@v4
        with:
          path: /tmp/images
          pattern: image-linux-*
          merge-multiple: true
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GH_PAT }}

      - name: Set up Buildx
        uses: docker/setup-buildx-action@v1

      - name: Load image
        shell: bash
        id: load-image
        run: |
          docker image import --platform linux/amd64 /tmp/images/image-linux-amd64.tar
          docker image import --platform linux/arm64 /tmp/images/image-linux-arm64.tar

      - name: Download Docker metadata
        uses: actions/download-artifact@v4
        with:
          path: /tmp/metadata
          pattern: metadata
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GH_PAT }}

      - name: Read the metadata.json file
        id: metadata_reader
        uses: juliangruber/read-file-action@v1.0.0
        with:
          path: /tmp/metadata/metadata/metadata.json

      - name: Download PR number
        uses: actions/download-artifact@v4
        with:
          path: /tmp/pull_request_number
          pattern: pull_request_number
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GH_PAT }}

      - name: Read the pull_request_number.txt file
        id: pull_request_number_reader
        uses: juliangruber/read-file-action@v1.0.0
        with:
          path: /tmp/pull_request_number/pull_request_number/pull_request_number.txt

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Download digests
        uses: actions/download-artifact@v4
        with:
          path: /tmp/digests
          pattern: digests-*
          merge-multiple: true
          run-id: ${{ github.event.workflow_run.id }}
          github-token: ${{ secrets.GH_PAT }}

      - name: Create manifest list and push
        working-directory: /tmp/digests
        run: |
          docker buildx imagetools create $(cat /tmp/metadata/metadata/metadata.json | jq -cr '.tags | map("-t " + .) | join(" ")') \
            $(echo ${{ steps.load-image.outputs }} | sed 's/sha256://g' | tr '\n' ' ')

      - name: Create comment
        uses: marocchino/sticky-pull-request-comment@v2
        with:
          header: "pr-release"
          number: ${{ steps.pull_request_number_reader.outputs.content }}
          message: |
            #### :package: :robot: A new release has been made for this pull request.

            To play around with this PR, pull `${{ env.REGISTRY_IMAGE }}:pr-${{ github.event.number }}` or `${{ env.REGISTRY_IMAGE }}:${{ github.event.pull_request.head.sha }}`.

            Images are available for x86_64 and ARM64.

            > Latest commit: ${{ github.event.pull_request.head.sha }}