# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path

name: Maven Release

on:
  workflow_call:
    secrets:
      AWS_CA_USER:
        required: true
      AWS_CA_PASSWORD:
        required: true

jobs:
  build:

    runs-on: ubuntu-latest
    permissions:
      contents: write
      packages: write

    steps:
    - uses: actions/checkout@v4

    - name: Set up Maven
      uses: stCarolas/setup-maven@v5
      with:
        maven-version: '3.9.9'

    - name: Set up JDK 21
      uses: actions/setup-java@v4
      with:
        java-version: '21'
        distribution: 'corretto'
        cache: maven

    - name: Set up AWS Cli
      run: |
        curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
        unzip -q awscliv2.zip
        ./aws/install
        export TOKEN=`aws codeartifact get-authorization-token --region eu-west-1 --domain pravila --domain-owner 867459752380 --query authorizationToken --output text`
        echo "CODEARTIFACT_AUTH_TOKEN=$TOKEN" >> $GITHUB_ENV
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_CA_USER }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_CA_PASSWORD }}

    - name: Config git and ssh
      run: |
        git config --global user.email "gitea@pravilanovait.hr"
        git config --global user.name "Gitea Actions"
        echo -e "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
        chown 600 ~/.ssh/id_rsa
        touch ~/.ssh/known_hosts
        ssh-keygen -R devops.pravilanovait.hr
        ssh-keyscan -t rsa devops.pravilanovait.hr > ~/.ssh/known_hosts

    - name: Maven release
      run: mvn release:prepare release:perform -s mvn-settings.xml -B -DrepositoryId=deploy
      env:
        GITHUB_TOKEN: ${{ github.token }}
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_CA_USER }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_CA_PASSWORD }}