name: "Build and Release"
on:
  push:
    tags:
      - "v*"
  workflow_dispatch:

jobs:
  build-release:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Set up toolchain
        uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
          override: true
      - name: Import GPG key
        id: import_gpg
        uses: crazy-max/ghaction-import-gpg@v3
        with:
          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
          passphrase: ${{ secrets.PASSPHRASE }}
      - name: Cache cargo builds
        uses: actions/cache@v2
        with:
          path: |
            ~/.cargo/
          key: ${{ runner.os }}-cargo-${{ hashFiles('Cargo.lock') }}
          restore-keys: |
            ${{ runner.os }}-cargo-
      - name: Build Release
        uses: actions-rs/cargo@v1
        with:
          use-cross: false
          command: build
          args: --release --target x86_64-unknown-linux-gnu
      - name: Strip symbols
        run: strip target/x86_64-unknown-linux-gnu/release/tobi-rs
      - name: Move binaries
        run: mv target/x86_64-unknown-linux-gnu/release/tobi-rs target/tobi-rs-linux-x86_64
      - name: Sign artifact
        run: gpg --batch --yes --pinentry-mode loopback --passphrase "${{ secrets.PASSPHRASE }}" --detach-sign --sign --armor --default-key steps.import_gpg.outputs.keyid --output target/tobi-rs-linux-x86_64.sig target/tobi-rs-linux-x86_64
      - name: Upload artifacts
        uses: actions/upload-artifact@v2
        with:
          name: tobi-rs-linux-x86_64
          path:  |
            target/tobi-rs-linux-x86_64
            target/tobi-rs-linux-x86_64.sig
      - name: publish release
        uses: "marvinpinto/action-automatic-releases@latest"
        with:
          repo_token: "${{ secrets.GITHUB_TOKEN }}"
          prerelease: false
          files: |
            LICENSE
            target/tobi-rs-linux-x86_64
            target/tobi-rs-linux-x86_64.sig