name: Netlify PR Preview
on:
  pull_request:
    types:
      - synchronize
      - opened
      - labeled

jobs:
  build_element_call:
    if: ${{ contains(github.event.pull_request.labels.*.name, 'docker build') && github.event.pull_request.head.repo.full_name == github.repository }}
    uses: ./.github/workflows/build_resuable.yaml
    secrets:
      SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
      SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
      SENTRY_URL: ${{ secrets.SENTRY_URL }}
      SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
  deploy:
    if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request'
    runs-on: ubuntu-latest
    permissions:
      deployments: write
    environment: Netlify
    steps:
      - name: 📝 Create Deployment
        uses: bobheadxi/deployments@v1
        id: deployment
        with:
          step: start
          token: ${{ secrets.GITHUB_TOKEN }}
          env: Netlify
          ref: ${{ github.event.workflow_run.head_sha }}
          desc: |
            Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
            Exercise caution. Use test accounts.

      - id: prdetails
        uses: matrix-org/pr-details-action@v1.3
        with:
          owner: ${{ github.event.workflow_run.head_repository.owner.login }}
          branch: ${{ github.event.workflow_run.head_branch }}

      - name: 📥 Download artifact
        uses: actions/download-artifact@v4
        with:
          name: build-output
          path: webapp

      - name: Add redirects file
        # We fetch from github directly as we don't bother checking out the repo
        run: curl -s https://raw.githubusercontent.com/element-hq/element-call/main/config/netlify_redirects > webapp/_redirects

      - name: Add config file
        run: curl -s "https://raw.githubusercontent.com/${{ github.event.workflow_run.head_repository.full_name }}/${{ github.event.workflow_run.head_branch }}/config/element_io_preview.json" > webapp/config.json

      - name: ☁️ Deploy to Netlify
        id: netlify
        uses: nwtgck/actions-netlify@v3.0
        with:
          publish-dir: webapp
          deploy-message: "Deploy from GitHub Actions"
          # These don't work because we're in workflow_run
          enable-pull-request-comment: false
          enable-commit-comment: false
          alias: pr${{ steps.prdetails.outputs.pr_id }}
        env:
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
        timeout-minutes: 1

      - name: 🚦 Update deployment status
        uses: bobheadxi/deployments@v1
        if: always()
        with:
          step: finish
          override: false
          token: ${{ secrets.GITHUB_TOKEN }}
          status: ${{ job.status }}
          env: ${{ steps.deployment.outputs.env }}
          deployment_id: ${{ steps.deployment.outputs.deployment_id }}
          env_url: ${{ steps.netlify.outputs.deploy-url }}
          desc: |
            Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
            Exercise caution. Use test accounts.