name: Release to Google Play
on:
  workflow_dispatch:

jobs:
  publish-google-play-release:
    runs-on: ubuntu-latest
    steps:

    - name: Get latest release
      id: latest-release
      shell: bash
      env:
        GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      run: |
        tag_name="$(gh api /repos/msfjarvis/compose-lobsters/releases --jq '.[0].tag_name')"
        echo "checkout_ref=${tag_name}" >> $GITHUB_OUTPUT

    - name: Checkout repository
      uses: actions/checkout@v3.1.0
      with:
        ref: ${{ steps.latest-release.outputs.checkout_ref }}

    - name: Set up JDK
      uses: actions/setup-java@v3.6.0
      with:
        distribution: temurin
        java-version: 18

    - name: Decrypt secrets
      run: scripts/signing-setup.sh "$ENCRYPT_KEY"
      env:
        ENCRYPT_KEY: ${{ secrets.ENCRYPT_KEY }}

    - name: Build release bundle
      uses: gradle/gradle-build-action@v2.3.3
      with:
        arguments: collectReleaseBundle
        gradle-home-cache-cleanup: true

    - name: Publish bundle to Google Play
      uses: r0adkll/upload-google-play@v1.0.19
      with:
        serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
        packageName: dev.msfjarvis.claw.android
        releaseFiles: android/bundle/*.aab
        track: production
        status: completed
        whatsNewDirectory: distribution/whatsnew
        mappingFile: android/bundle/mapping.txt

    - name: Clean secrets
      run: scripts/signing-cleanup.sh