name: Build

on:
  push:
    branches-ignore:
      - 'l10n_master'
      - 'gh-pages'

jobs:

  cloc:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Set up cloc
        run: |
          sudo apt-get update
          sudo apt-get -y install cloc

      - name: Print lines of code
        run: cloc --vcs git --exclude-dir Resources,store,test,Properties --include-lang C#,XAML

  android:
    runs-on: windows-latest

    steps:
      - name: Set up NuGet
        uses: nuget/setup-nuget@v1
        with:
          nuget-version: 'latest'

      - name: Set up MSBuild
        uses: microsoft/setup-msbuild@v1.0.0

      - name: Print environment
        run: |
          nuget help
          msbuild -version
          dotnet --info
          Write-Output "GitHub ref: $env:GITHUB_REF"
        shell: pwsh
        env:
          GITHUB_REF: ${{ github.ref }}

      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Decrypt secrets
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/android/decrypt-secrets.ps1
        shell: pwsh
        env:
          DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }}

      - name: Increment version
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/android/increment-version.ps1
        shell: pwsh

      - name: Restore packages
        run: nuget restore

      - name: Build Play Store publisher
        run: dotnet build ./store/google/Publisher/Publisher.csproj -p:Configuration=Release

      - name: Build for Play Store
        run: ./.github/scripts/android/build.ps1 -configuration Release
        shell: pwsh

      - name: Sign for Play Store
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/android/sign-play.ps1
        shell: pwsh
        env:
          PLAY_KEYSTORE_PASSWORD: ${{ secrets.PLAY_KEYSTORE_PASSWORD }}
          UPLOAD_KEYSTORE_PASSWORD: ${{ secrets.UPLOAD_KEYSTORE_PASSWORD }}

      - name: Upload Play Store .aab artifact
        if: github.ref == 'refs/heads/master'
        uses: actions/upload-artifact@v2
        with:
          name: com.x8bit.bitwarden.aab
          path: ./com.x8bit.bitwarden.aab

      - name: Upload Play Store .apk artifact
        if: github.ref == 'refs/heads/master'
        uses: actions/upload-artifact@v2
        with:
          name: com.x8bit.bitwarden.apk
          path: ./com.x8bit.bitwarden.apk

      - name: Clean for F-Droid
        run: ./.github/scripts/android/clean-fdroid.ps1
        shell: pwsh

      - name: Restore packages
        run: nuget restore

      - name: Build for F-Droid
        run: ./.github/scripts/android/build.ps1 -configuration FDroid
        shell: pwsh

      - name: Sign for F-Droid
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/android/sign-fdroid.ps1
        shell: pwsh
        env:
          FDROID_KEYSTORE_PASSWORD: ${{ secrets.FDROID_KEYSTORE_PASSWORD }}

      - name: Upload F-Droid .apk artifact
        if: github.ref == 'refs/heads/master'
        uses: actions/upload-artifact@v2
        with:
          name: com.x8bit.bitwarden-fdroid.apk
          path: ./com.x8bit.bitwarden-fdroid.apk

      - name: Deploy to Play Store
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/android/deploy-play.ps1
        shell: pwsh

  ios:
    runs-on: macos-latest

    steps:
      - name: Print environment
        run: |
          nuget help
          msbuild -version
          dotnet --info
          Write-Output "GitHub ref: $env:GITHUB_REF"
        shell: pwsh
        env:
          GITHUB_REF: ${{ github.ref }}

      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Decrypt secrets
        run: ./.github/scripts/ios/decrypt-secrets.ps1
        shell: pwsh
        env:
          DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }}

      - name: Increment version
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/ios/increment-version.ps1
        shell: pwsh

      - name: Set up keychain
        run: ./.github/scripts/ios/setup-keychain.ps1
        shell: pwsh
        env:
          KEYCHAIN_PASSWORD: ${{ secrets.IOS_KEYCHAIN_PASSWORD }}
          MOBILE_KEY_PASSWORD: ${{ secrets.IOS_KEY_PASSWORD }}
          DIST_CERT_PASSWORD: ${{ secrets.IOS_DIST_CERT_PASSWORD }}

      - name: Set up provisioning profiles
        run: ./.github/scripts/ios/setup-profiles.ps1
        shell: pwsh

      - name: Restore packages
        run: nuget restore

      - name: Archive Build for App Store
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/ios/build.ps1 -configuration AppStore -platform iPhone -archive
        shell: pwsh

      - name: Build for App Store
        if: github.ref != 'refs/heads/master'
        run: ./.github/scripts/ios/build.ps1 -configuration AppStore -platform iPhone
        shell: pwsh

      - name: Export .ipa for App Store
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/ios/export-ipa.ps1 -method app-store
        shell: pwsh

      - name: Upload App Store .ipa artifact
        if: github.ref == 'refs/heads/master'
        uses: actions/upload-artifact@v2
        with:
          name: Bitwarden.ipa
          path: ./bitwarden-export/Bitwarden.ipa

      - name: Deploy to App Store
        if: github.ref == 'refs/heads/master'
        run: ./.github/scripts/ios/deploy-app-store.ps1
        shell: pwsh
        env:
          APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }}
          APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}