name: Release Build

on:
  push:
    tags:
      - 'v*' # Trigger on version tags like v0.1.0

permissions:
  contents: write # Needed to create releases
  packages: write # Needed to push to GitHub Container Registry

jobs:
  create_release:
    name: Create Release
    runs-on: ubuntu-latest
    outputs:
      upload_url: ${{ steps.create_release.outputs.upload_url }}
    steps:
      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref_name }}
          release_name: Release ${{ github.ref_name }}
          draft: false
          prerelease: false

  build_binaries:
    name: Build Binaries for ${{ matrix.target }}
    needs: create_release
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        include:
          - os: ubuntu-latest
            target: x86_64-unknown-linux-musl
            asset_name_suffix: linux-amd64
            output_name: mcp-server-wazuh
          - os: windows-latest
            target: x86_64-pc-windows-msvc
            asset_name_suffix: windows-amd64.exe
            output_name: mcp-server-wazuh.exe
          - os: macos-latest # Intel runner
            target: x86_64-apple-darwin
            asset_name_suffix: macos-amd64
            output_name: mcp-server-wazuh
          - os: macos-14 # ARM64/M1 runner
            target: aarch64-apple-darwin
            asset_name_suffix: macos-arm64
            output_name: mcp-server-wazuh
    steps:
      - uses: actions/checkout@v4

      - name: Set up Rust for target ${{ matrix.target }}
        uses: dtolnay/rust-toolchain@stable
        with:
          targets: ${{ matrix.target }}

      - name: Install musl-tools (Linux MUSL target only)
        if: matrix.os == 'ubuntu-latest' && contains(matrix.target, 'musl')
        run: |
          sudo apt-get update -y
          sudo apt-get install -y musl-tools

      - name: Build binary
        run: cargo build --verbose --release --target ${{ matrix.target }}

      - name: Upload Release Asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ needs.create_release.outputs.upload_url }}
          asset_path: ./target/${{ matrix.target }}/release/${{ matrix.output_name }}
          asset_name: mcp-server-wazuh-${{ matrix.asset_name_suffix }}
          asset_content_type: application/octet-stream

  build_docker:
    name: Build and Push Docker Image
    needs: create_release
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Extract metadata
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: ghcr.io/gbrigandi/mcp-server-wazuh
          tags: |
            type=ref,event=tag
            type=raw,value=latest

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=gha
          cache-to: type=gha,mode=max