# This workflow is triggered by a comment on an issue or PR with the text ".bundle"
# It bundles the Desktop App, then creates a PR comment with a link to download the app.

# IMPORTANT: issue_comment workflows only use files found on "main" branch to run.
# Do NOT allow on: pull_request since that allows a user to alter a file in a PR and exfil secrets for example.
# Only using issue_comment is the suggested workflow type. Comments on pull requests, and issues will trigger the issue_comment workflow event.
on:
  issue_comment:
    types: [created]

# permissions needed for reacting to IssueOps commands on PRs
permissions:
  pull-requests: write
  checks: read
  # issues: write

name: Workflow to Bundle Desktop App

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  trigger-on-command:
    name: Trigger on ".bundle" PR comment
    runs-on: ubuntu-latest
    outputs:
      continue: ${{ steps.command.outputs.continue }}
      # Cannot use github.event.pull_request.number since the trigger is 'issue_comment'
      pr_number: ${{ steps.command.outputs.issue_number }}
    steps:
      - uses: github/command@v1.3.0
        id: command
        with:
          command: ".bundle"
          reaction: "eyes"
          allowed_contexts: pull_request

  bundle-desktop:
    # Only run this if ".bundle" command is detected.
    needs: [trigger-on-command]
    if: ${{ needs.trigger-on-command.outputs.continue == 'true' }}
    uses: ./.github/workflows/bundle-desktop.yml
    with:
      signing: true
    secrets:
      CERTIFICATE_OSX_APPLICATION: ${{ secrets.CERTIFICATE_OSX_APPLICATION }}
      CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }}
      APPLE_ID: ${{ secrets.APPLE_ID }}
      APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}

  pr-comment:
    name: PR Comment with Desktop App
    runs-on: ubuntu-latest
    needs: [trigger-on-command, bundle-desktop]
    permissions:
      pull-requests: write

    steps:
      - name: Download all artifacts
        uses: actions/download-artifact@v4
        with:
          merge-multiple: true

      - name: Comment on PR with download link
        uses: peter-evans/create-or-update-comment@v4
        with:
          issue-number: ${{ needs.trigger-on-command.outputs.pr_number }}
          body: |
            ### Desktop App for this PR
            
            The following build is available for testing:
            
            - [📱 macOS Desktop App (arm64, signed)](https://nightly.link/${{ github.repository }}/actions/runs/${{ github.run_id }}/Goose-darwin-arm64.zip)

            After downloading, unzip the file and drag the Goose.app to your Applications folder. The app is signed and notarized for macOS.
            
            This link is provided by nightly.link and will work even if you're not logged into GitHub.