name: Build and Publish Collection to Ansible Galaxy

on:
  release:
    types: [published]
  workflow_dispatch:

defaults:
  run:
    working-directory: collections/ansible_collections/kewlfft/aur

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v5
        with:
          path: collections/ansible_collections/kewlfft/aur

      - name: Debug workflow version
        run: echo "=== RUNNING UPDATED WORKFLOW ==="

      - name: Verify version in galaxy.yml matches release tag
        run: |
          tag_version="${GITHUB_REF##*/}"   # e.g., v0.12.2
          tag_version="${tag_version#v}"    # strip leading 'v' if present
          file_version=$(awk '/^version:/ {print $2}' galaxy.yml)

          if [ "${GITHUB_EVENT_NAME}" != "workflow_dispatch" ] && [ "$file_version" != "$tag_version" ]; then
              echo "❌ galaxy.yml version ($file_version) does not match tag ($tag_version)"
              exit 1
          fi
          echo "✅ Version check passed: $file_version"

      - name: Build collection
        run: |
          path=$(ansible-galaxy collection build | awk '/Created collection/ {print $NF}')
          echo "TARBALL=$path" >> $GITHUB_ENV
          echo "📦 Built collection at $path"

      - name: Upload built collection artifact
        uses: actions/upload-artifact@v4
        with:
          name: ansible-collection-tarball
          path: ${{ env.TARBALL }}

      - name: Debug tarball before publish
        run: |
          echo "🔎 Checking tarball path..."
          echo "TARBALL=$TARBALL"
          ls -l "$(dirname "$TARBALL")"

      - name: Publish collection
        if: github.event_name != 'workflow_dispatch'  # skip publish for manual testing
        run: |
          echo "📤 Publishing $TARBALL ..."
          ansible-galaxy collection publish "$TARBALL" \
            --api-key "${{ secrets.ANSIBLE_GALAXY_API_KEY }}"