pipeline:
  build:
    image: alvrme/alpine-android:android-31-jdk11
    commands:
      - ./gradlew assembleFreeRelease
    when:
      path: [ app/, build.gradle ]

  sign:
    image: alvrme/alpine-android:android-31-jdk11
    environment:
      OUTPUT: "signed.apk"
      INSTANCE: "https://codeberg.org"
      KS_FILE: "gitnex_ci_keystore.jks"
    commands:
      - >
        KEYFILE=$(mktemp)
        curl -X GET "${INSTANCE}/api/v1/repos/${KS_REPO}/contents/${KS_FILE}?token=${BOT_TOKEN}" -H  "accept: application/json" | sed 's|"content":"|#|g' | cut -d '#' -f 2 | cut -d '"' -f 1 | base64 -d > ${KEYFILE}
        apksigner sign -v --ks-pass pass:$KS_PASS --key-pass pass:$KEY_PASS --ks-key-alias GitNexBot --ks ${KEYFILE} --out signed.apk $(find . -name "*release*.apk")
    secrets: [ BOT_TOKEN, KS_PASS, KEY_PASS, KS_REPO ]
    when:
      event: [ push, tag ]
      branch: main
      path: [ app/, build.gradle ]

  upload:
    image: curlimages/curl:7.82.0
    group: upload
    environment:
      WEBDAV_USERNAME: "GitNexBot"
      PLUGIN_FILE: "signed.apk"
      PLUGIN_DESTINATION: "https://cloud.swatian.com/remote.php/dav/files/GitNexBot/gitnex/builds/latest.apk"
    commands:
      - curl -T "$PLUGIN_FILE" -u "$WEBDAV_USERNAME":"$WEBDAV_PASSWORD" "$PLUGIN_DESTINATION"
    secrets: [ WEBDAV_PASSWORD ]
    when:
      event: [ push, tag ]
      branch: main
      path: [ app/, build.gradle ]

  upload-release:
    image: curlimages/curl:7.82.0
    group: upload
    environment:
      WEBDAV_USERNAME: "GitNexBot"
      PLUGIN_FILE: "signed.apk"
    commands:
      - "[[ $CI_COMMIT_TAG == *'-rc'* ]] && echo 'Upload blocked. Build seems to be a release candidate.' && exit 0"
      - curl -T "$PLUGIN_FILE" -u "$WEBDAV_USERNAME":"$WEBDAV_PASSWORD" 'https://cloud.swatian.com/remote.php/dav/files/GitNexBot/gitnex/releases/'"$CI_COMMIT_TAG"'.apk'
    secrets: [ WEBDAV_PASSWORD ]
    when:
      event: [ tag ]