name: Netlify PR Preview
on:
  workflow_run:
    workflows: ["Build"]
    types:
      - completed

jobs:
  deploy:
    if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' }}
    env:
      PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
      PR_HEAD_FULL_NAME: ${{ github.event.workflow_run.head_repository.full_name }}
      PR_HEAD_REF: ${{ github.event.workflow_run.pull_requests[0].head.ref }}
      PR_HEAD_SHA: ${{ github.event.workflow_run.pull_requests[0].head.sha }}
    runs-on: ubuntu-latest
    permissions:
      deployments: write
    environment: Netlify
    steps:
      - run: ${{ tojson(github.event) }}
        shell: cat {0}

      - name: 📝 Create Deployment
        uses: bobheadxi/deployments@v1
        id: deployment
        with:
          step: start
          token: ${{ secrets.GITHUB_TOKEN }}
          env: Netlify
          ref: ${{ env.PR_HEAD_SHA || github.ref || github.head_ref }}
          desc: |
            Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
            Exercise caution. Use test accounts.

      - name: 📥 Download artifact
        uses: actions/download-artifact@v4
        with:
          github-token: ${{ secrets.ELEMENT_BOT_TOKEN }}
          run-id: ${{ github.event.workflow_run.id }}
          name: build-output
          path: webapp

      - name: Add redirects file
        # We fetch from github directly as we don't bother checking out the repo
        run: curl -s https://raw.githubusercontent.com/element-hq/element-call/main/config/netlify_redirects > webapp/_redirects

      - name: Add config file
        run: curl -s "https://raw.githubusercontent.com/${{ env.PR_HEAD_FULL_NAME }}/${{ env.PR_HEAD_REF }}/config/element_io_preview.json" > webapp/config.json

      - name: ☁️ Deploy to Netlify
        id: netlify
        uses: nwtgck/actions-netlify@v3.0
        with:
          publish-dir: webapp
          deploy-message: "Deploy from GitHub Actions"
          alias: pr${{ env.PR_NUMBER }}
        env:
          NETLIFY_AUTH_TOKEN: ${{ secrets.NETLIFY_AUTH_TOKEN }}
          NETLIFY_SITE_ID: ${{ secrets.NETLIFY_SITE_ID }}
        timeout-minutes: 1

      - name: 🚦 Update deployment status
        uses: bobheadxi/deployments@v1
        if: always()
        with:
          step: finish
          override: false
          token: ${{ secrets.GITHUB_TOKEN }}
          status: ${{ job.status }}
          env: ${{ steps.deployment.outputs.env }}
          deployment_id: ${{ steps.deployment.outputs.deployment_id }}
          env_url: ${{ steps.netlify.outputs.deploy-url }}
          desc: |
            Do you trust the author of this PR? Maybe this build will steal your keys or give you malware.
            Exercise caution. Use test accounts.