semantic-release.yml
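# Release workflow, started manually (workflow_dispatch). Three jobs run in sequence:
#   check-release        dry-run semantic-release to determine the next version
#   perform-release      write the version into sushi-config.yaml, run the IG
#                        publisher, deploy Pages (final releases only) and
#                        create the release
#   update-package-feed  open a pull request against the package-feed repository
#                        (final releases only)
#
# Conventions used in the `run:` scripts below:
#   * Step outputs, job outputs and values read from sushi-config.yaml are
#     handed to the script through `env:` and expanded by the shell inside
#     quotes. `${{ }}` expressions are not pasted into script text, so a value
#     containing shell metacharacters stays data.
#   * Runner-provided variables (GITHUB_ACTOR, GITHUB_REPOSITORY, GITHUB_OUTPUT)
#     replace the equivalent `${{ github.* }}` expressions inside scripts.
#
# NOTE(review): actions are referenced by mutable tags (@v4) and the IG
# publisher image by `:latest`. Pin each to a full commit SHA / image digest so
# that a retagged upstream cannot change what runs next to the release tokens.
name: Release Workflow
on:
  workflow_dispatch:
env:
  FHIR_PACKAGE_FEED_REPO: umg-minai/fhir-package-feed
jobs:
  check-release:
    runs-on: ubuntu-latest
    concurrency: check-release
    permissions:
      # NOTE(review): no step in this job visibly requests an OIDC token, and the
      # semantic-release run here is a dry run; confirm both scopes are needed.
      id-token: write
      contents: write
    outputs:
      new_release_published: ${{ steps.semantic_release_version.outputs.new_release_published }}
      new_release_version: ${{ steps.semantic_release_version.outputs.new_release_version }}
      prerelease: ${{ steps.check-prerelease.outputs.prerelease }}
    steps:
      - uses: actions/checkout@v4
        with:
          # Full history, as in the original configuration.
          fetch-depth: 0
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "lts/*"
      - name: Install dependencies
        run: |
          sudo snap install yq
          npm install @semantic-release/changelog @semantic-release/github
      - name: Semantic Release (Determine new version)
        id: semantic_release_version
        uses: cycjimmy/semantic-release-action@v4
        with:
          extra_plugins: |
            @semantic-release/changelog
            @semantic-release/github
          dry_run: true
          ci: true
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Output new release version
        env:
          NEW_RELEASE_VERSION: ${{ steps.semantic_release_version.outputs.new_release_version }}
          NEW_RELEASE_PUBLISHED: ${{ steps.semantic_release_version.outputs.new_release_published }}
        run: |
          echo "Version: ${NEW_RELEASE_VERSION}"
          echo "new_release_published: ${NEW_RELEASE_PUBLISHED}"
      - name: Check pre-release
        id: check-prerelease
        env:
          NEW_RELEASE_VERSION: ${{ steps.semantic_release_version.outputs.new_release_version }}
        run: |
          # Only a plain MAJOR.MINOR.PATCH version counts as a final release;
          # anything else is treated as a pre-release.
          if [[ "${NEW_RELEASE_VERSION}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
            echo "prerelease=false" >> "$GITHUB_OUTPUT"
          else
            echo "prerelease=true" >> "$GITHUB_OUTPUT"
          fi
        shell: bash
      - name: Echo Prelease
        env:
          PRERELEASE: ${{ steps.check-prerelease.outputs.prerelease }}
        run: |
          echo "pre-release: ${PRERELEASE}"
  perform-release:
    needs: check-release
    if: needs.check-release.outputs.new_release_published == 'true'
    runs-on: ubuntu-latest
    permissions:
      # NOTE(review): no step in this job visibly requests an OIDC token;
      # confirm id-token: write is needed.
      id-token: write
      contents: write
    outputs:
      new_release_published: ${{ steps.semantic_release.outputs.new_release_published }}
      new_release_version: ${{ steps.semantic_release.outputs.new_release_version }}
      new_release_git_tag: ${{ steps.semantic_release.outputs.new_release_git_tag }}
      prerelease: ${{ needs.check-release.outputs.prerelease }}
      ig_canonical: ${{ steps.yaml-data.outputs.canonical }}
      ig_id: ${{ steps.yaml-data.outputs.id }}
      ig_asset_filename: ${{ steps.generate-asset-filename.outputs.ig_asset_filename }}
      # The yaml-data step writes this value under the key `fhir_version`;
      # reading `fhirVersion` here always produced an empty string.
      ig_fhir_version: ${{ steps.yaml-data.outputs.fhir_version }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          persist-credentials: false  # Do not store credentials as they will be configured manually
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "lts/*"
      - name: Install dependencies
        run: |
          sudo snap install yq
          npm install @semantic-release/changelog @semantic-release/github
      - name: Update sushi-config.yaml with new version
        env:
          NEW_RELEASE_VERSION: ${{ needs.check-release.outputs.new_release_version }}
        run: |
          # strenv() reads the value from the environment as a string, so it is
          # never parsed as part of the yq expression.
          yq eval '.version = strenv(NEW_RELEASE_VERSION)' -i sushi-config.yaml
      - name: Configure git and push changes
        env:
          REPO_ACCESS_TOKEN: ${{ secrets.REPO_ACCESS_TOKEN }}
          NEW_RELEASE_VERSION: ${{ needs.check-release.outputs.new_release_version }}
        run: |
          git config user.name 'github-actions'
          # NOTE(review): the address below looks redacted in this listing;
          # confirm the committer e-mail the repository really uses.
          git config user.email '[email protected]'
          # The token becomes part of the remote URL and is therefore stored in
          # .git/config inside the workspace. It stays readable there for every
          # later step of this job, including the IG publisher container and the
          # third-party actions.
          # NOTE(review): reset the remote URL after the push if no later step
          # relies on the embedded credential.
          git remote set-url origin "https://${GITHUB_ACTOR}:${REPO_ACCESS_TOKEN}@github.com/${GITHUB_REPOSITORY}.git"
          git add sushi-config.yaml
          git commit -m "Update sushi-config.yaml for release ${NEW_RELEASE_VERSION}"
          git push
      # read id, version, canonical and fhirVersion from sushi-config.yaml
      - name: Read YAML file
        id: yaml-data
        run: |
          VERSION=$(yq eval '.version' sushi-config.yaml)
          ID=$(yq eval '.id' sushi-config.yaml)
          CANONICAL=$(yq eval '.canonical' sushi-config.yaml)
          FHIRVERSION=$(yq eval '.fhirVersion' sushi-config.yaml)
          echo "version=$VERSION" >> "$GITHUB_OUTPUT"
          echo "id=$ID" >> "$GITHUB_OUTPUT"
          echo "canonical=$CANONICAL" >> "$GITHUB_OUTPUT"
          echo "fhir_version=$FHIRVERSION" >> "$GITHUB_OUTPUT"
      - name: Generate asset filename
        id: generate-asset-filename
        env:
          IG_ID: ${{ steps.yaml-data.outputs.id }}
          NEW_RELEASE_VERSION: ${{ needs.check-release.outputs.new_release_version }}
        run: echo "ig_asset_filename=${IG_ID}-${NEW_RELEASE_VERSION}.tgz" >> "$GITHUB_OUTPUT"
      # display outputs from read-yaml action
      - name: Display read-yaml output
        env:
          IG_ID: ${{ steps.yaml-data.outputs.id }}
          IG_CANONICAL: ${{ steps.yaml-data.outputs.canonical }}
          IG_VERSION: ${{ steps.yaml-data.outputs.version }}
          IG_ASSET_FILENAME: ${{ steps.generate-asset-filename.outputs.ig_asset_filename }}
          IG_FHIR_VERSION: ${{ steps.yaml-data.outputs.fhir_version }}
        run: |
          echo "id: ${IG_ID}"
          echo "target url: ${IG_CANONICAL}"
          echo "version: ${IG_VERSION}"
          echo "asset filename: ${IG_ASSET_FILENAME}"
          echo "fhir_version: ${IG_FHIR_VERSION}"
      - name: Run the IG publisher
        # NOTE(review): `:latest` is a mutable tag; this container runs in the
        # workspace that holds the credentialed git remote configured above.
        uses: docker://hl7fhir/ig-publisher-base:latest
        with:
          args: ./run-ig-publisher.sh ${{ steps.yaml-data.outputs.canonical }} ${{ steps.yaml-data.outputs.version }}
      - name: Move package.tgz to output directory
        env:
          IG_ASSET_FILENAME: ${{ steps.generate-asset-filename.outputs.ig_asset_filename }}
        run: |
          mkdir -p dist/
          mv ./output/package.tgz "dist/${IG_ASSET_FILENAME}"
      - name: Deploy to GitHub Pages
        if: needs.check-release.outputs.prerelease == 'false'
        uses: peaceiris/actions-gh-pages@v4
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./output
          force_orphan: true
      - name: Semantic Release (Create release)
        id: semantic_release
        uses: cycjimmy/semantic-release-action@v4
        with:
          extra_plugins: |
            @semantic-release/changelog
            @semantic-release/github
          ci: true
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  update-package-feed:
    needs: perform-release
    if: needs.perform-release.outputs.new_release_published == 'true' && needs.perform-release.outputs.prerelease == 'false'
    runs-on: ubuntu-latest
    # This job authenticates only with FHIR_PACKAGE_FEED_REPO_TOKEN, so the
    # workflow's own GITHUB_TOKEN is given no permissions here.
    permissions: {}
    steps:
      - name: Output new release version
        env:
          NEW_RELEASE_VERSION: ${{ needs.perform-release.outputs.new_release_version }}
        run: |
          echo "${NEW_RELEASE_VERSION}"
      - name: Install dependencies
        run: |
          # Refresh the package index first so the install does not fail on a
          # stale list.
          sudo apt-get update
          sudo apt-get install -y xmlstarlet gh
      # Checkout the external repository where package-feed.xml is located
      - name: Checkout external repository
        # Same major version as the other checkout steps in this workflow.
        uses: actions/checkout@v4
        with:
          repository: ${{ env.FHIR_PACKAGE_FEED_REPO }}
          token: ${{ secrets.FHIR_PACKAGE_FEED_REPO_TOKEN }}
          path: 'external-repo'
      # Update package-feed.xml in the external repository
      - name: Update package-feed.xml
        env:
          IG_ID: ${{ needs.perform-release.outputs.ig_id }}
          NEW_RELEASE_VERSION: ${{ needs.perform-release.outputs.new_release_version }}
          NEW_RELEASE_GIT_TAG: ${{ needs.perform-release.outputs.new_release_git_tag }}
          IG_ASSET_FILENAME: ${{ needs.perform-release.outputs.ig_asset_filename }}
          IG_FHIR_VERSION: ${{ needs.perform-release.outputs.ig_fhir_version }}
        run: |
          cd external-repo
          TITLE="${IG_ID}#${NEW_RELEASE_VERSION}"
          NEW_LINK="https://github.com/${GITHUB_REPOSITORY}/releases/download/${NEW_RELEASE_GIT_TAG}/${IG_ASSET_FILENAME}?raw=true"
          NEW_GUID=$NEW_LINK
          DESCRIPTION="Release ${NEW_RELEASE_VERSION} of ${IG_ID}"
          PUB_DATE=$(date -u +"%a, %d %b %Y %H:%M:%S %Z")
          VERSION="${NEW_RELEASE_VERSION}"
          CREATOR="${GITHUB_ACTOR}"
          FHIR_VERSION="${IG_FHIR_VERSION}"
          KIND="IG"
          XML_FILE="package-feed.xml"
          # TITLE is placed inside a single-quoted XPath string literal below;
          # a quote in it would change the predicate, so stop instead.
          case "$TITLE" in
            *\'*)
              echo "Title contains a single quote; refusing to build the XPath predicate" >&2
              exit 1
              ;;
          esac
          ITEM_EXISTS=$(xmlstarlet sel -t -v "count(/rss/channel/item[title='$TITLE'])" "$XML_FILE")
          if [ "$ITEM_EXISTS" -eq "0" ]; then
            echo "Item does not exist, adding new item..."
            xmlstarlet ed --inplace \
              -s /rss/channel -t elem -n item -v "" \
              -s "//item[last()]" -t elem -n title -v "$TITLE" \
              -s "//item[last()]" -t elem -n description -v "$DESCRIPTION" \
              -s "//item[last()]" -t elem -n link -v "$NEW_LINK" \
              -s "//item[last()]" -t elem -n guid -v "$NEW_GUID" \
              -i "//item[last()]/guid" -t attr -n isPermaLink -v "true" \
              -s "//item[last()]" -t elem -n dc:creator -v "$CREATOR" \
              -s "//item[last()]" -t elem -n fhir:version -v "$FHIR_VERSION" \
              -s "//item[last()]" -t elem -n fhir:kind -v "$KIND" \
              -s "//item[last()]" -t elem -n pubDate -v "$PUB_DATE" \
              "$XML_FILE"
          else
            echo "Item exists, updating..."
            xmlstarlet ed --inplace \
              -u "/rss/channel/item[title='$TITLE']/link" -v "$NEW_LINK" \
              -u "/rss/channel/item[title='$TITLE']/guid" -v "$NEW_GUID" \
              -i "/rss/channel/item[title='$TITLE']/guid" -t attr -n isPermaLink -v "true" \
              -u "/rss/channel/item[title='$TITLE']/description" -v "$DESCRIPTION" \
              -u "/rss/channel/item[title='$TITLE']/dc:creator" -v "$CREATOR" \
              -u "/rss/channel/item[title='$TITLE']/fhir:version" -v "$FHIR_VERSION" \
              -u "/rss/channel/item[title='$TITLE']/fhir:kind" -v "$KIND" \
              -u "/rss/channel/item[title='$TITLE']/pubDate" -v "$PUB_DATE" \
              "$XML_FILE"
          fi
          # Update the lastBuildDate and pubDate for the feed
          xmlstarlet ed --inplace \
            -u "/rss/channel/lastBuildDate" -v "$PUB_DATE" \
            -u "/rss/channel/pubDate" -v "$PUB_DATE" \
            "$XML_FILE"
        shell: bash
      - name: Push new branch
        env:
          # gh authenticates with the feed repository's token, not the
          # workflow's own GITHUB_TOKEN.
          GITHUB_TOKEN: ${{ secrets.FHIR_PACKAGE_FEED_REPO_TOKEN }}
          IG_ID: ${{ needs.perform-release.outputs.ig_id }}
          NEW_RELEASE_VERSION: ${{ needs.perform-release.outputs.new_release_version }}
        run: |
          cd external-repo
          git config user.name "${GITHUB_ACTOR}"
          git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
          NEW_BRANCH="update-package-feed-${IG_ID}-${NEW_RELEASE_VERSION}"
          git checkout -b "$NEW_BRANCH"
          git add package-feed.xml
          git commit -m "Update package-feed.xml with new release information"
          git push --set-upstream origin "$NEW_BRANCH"
          gh pr create \
            --repo "$FHIR_PACKAGE_FEED_REPO" \
            --head "$NEW_BRANCH" \
            --base main \
            --title "Add ${IG_ID}-${NEW_RELEASE_VERSION}" \
            --body "Automated update of package-feed.xml with new release information"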