.github/workflows/build.yml

name: Build
on: [push, pull_request]

jobs:
  test:
    runs-on: ubuntu-latest

    steps:
      - name: Setup Node
        uses: actions/setup-node@v1
        with:
          node-version: '14'

      - name: Check out source code
        uses: actions/checkout@v2

      - name: Install dependencies
        run: yarn

      - name: Execute Tests
        run: yarn test

      - name: Verify that NPM module builds
        run: yarn bundle

      - name: Verify that Docker image builds
        run: docker build .

  npm:
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    needs: test

    steps:
      - name: Initialize Output
        run: echo "didpublishnpm=false" >> $GITHUB_ENV

      - name: Check out source code
        uses: actions/checkout@v2

      - name: Check if publish needed
        run: |
          name="$(jq -r .name package.json)"
          npmver="$(npm show $name version 2>/dev/null || echo v0.0.0)"
          pkgver="$(jq -r .version package.json)"
          if [ "$npmver" = "$pkgver" ]
          then
            echo "Package version ($pkgver) is the same as last published NPM version ($npmver), skipping publish."
          else
            echo "Package version ($pkgver) is different from latest NPM version ($npmver), publishing!"
            echo "shouldpublishnpm=true" >> $GITHUB_ENV
          fi

      - name: Setup Node
        if: env.shouldpublishnpm
        uses: actions/setup-node@v1
        with:
          node-version: '14'

      - name: Install dependencies
        if: env.shouldpublishnpm
        run: yarn

      - name: Bundle module (create ./dist dir)
        if: env.shouldpublishnpm
        run: yarn bundle

      - name: Publish
        if: env.shouldpublishnpm
        env:
          NPM_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
        run: |
          echo "//registry.npmjs.org/:_authToken=${NPM_AUTH_TOKEN}" > .npmrc
          npm publish --access public ./dist
          echo "didpublishnpm=true" >> $GITHUB_ENV

  docker:
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    needs: [test, npm]

    steps:
      - name: Check out source code
        uses: actions/checkout@v2

      - name: Detect Dockerfile changes
        uses: dorny/paths-filter@v2
        id: filter
        with:
          filters: |
            dockerchanged:
              - 'Dockerfile'

      - name: Should Build?
        if:
          steps.filter.outputs.dockerchanged == 'true' ||
          needs.npm.outputs.didpublishnpm == 'true'
        run: |
          echo "Dockerfile changed, and/or new NPM module published. Need to update Docker image."
          echo "need_docker_build=true" >> $GITHUB_ENV

      - name: Login to DockerHub Registry
        if: env.need_docker_build
        run:
          echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{
          secrets.DOCKERHUB_USERNAME }} --password-stdin

      - name: Build the latest Docker image
        if: env.need_docker_build
        run: docker build . --file Dockerfile --tag jupiterone/pspbuilder:latest

      - name: Push the latest Docker image
        if: env.need_docker_build
        run: docker push jupiterone/pspbuilder:latest

  docker-extras:
    if: github.ref == 'refs/heads/main'
    runs-on: ubuntu-latest
    needs: [test, npm]

    steps:
      - name: Check out source code
        uses: actions/checkout@v2

      - name: Detect Dockerfile changes
        uses: dorny/paths-filter@v2
        id: filter
        with:
          filters: |
            dockerchanged:
              - 'Dockerfile-extras'

      - name: Should Build?
        if:
          steps.filter.outputs.dockerchanged == 'true' ||
          needs.npm.outputs.didpublishnpm == 'true'
        run: |
          echo "Dockerfile changed, and/or new NPM module published. Need to update Docker-extras image."
          echo "need_docker_build=true" >> $GITHUB_ENV

      - name: Login to DockerHub Registry
        if: env.need_docker_build
        run:
          echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{
          secrets.DOCKERHUB_USERNAME }} --password-stdin

      - name: Build the latest Docker image
        if: env.need_docker_build
        run:
          docker build . --file Dockerfile-extras --tag
          jupiterone/pspbuilder-extras:latest

      - name: Push the latest Docker image
        if: env.need_docker_build
        run: docker push jupiterone/pspbuilder-extras:latest