name: Build
on:
  push:
    branches:
      - "main"
  pull_request:

jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
      attestations: write
      id-token: write
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Install devbox
        uses: jetify-com/devbox-install-action@v0.11.0
        with:
          enable-cache: true
      - name: Setup Golang cache
        uses: actions/cache@v4
        with:
          path: |
            ~/.cache/go-build
            ~/go/pkg/mod
          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go-

      - name: Build artifacts
        run: devbox run -- just unstable

      - uses: actions/upload-artifact@v4
        with:
          name: Unstable Build
          path: dist

  deploy:
    runs-on: ubuntu-latest
    needs: build
    concurrency:
      group: ${{ github.workflow }}-${{ github.ref }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Install devbox
        uses: jetify-com/devbox-install-action@v0.11.0
        with:
          enable-cache: true

      - run: devbox run -- just deploy-fly
        if : github.event_name == 'push' && github.ref == 'refs/heads/main'
        env:
          FLY_API_TOKEN: ${{ secrets.FLY_API_TOKEN }}