name: "Release Homebrew"

on:
  workflow_dispatch:
  release:
    types:
      - released

jobs:
  homebrew:
    runs-on: ubuntu-20.04
    steps:

      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 #v4.1.1
        with:
          # we need to be able to get the commit for a tag
          fetch-depth: 0

      - name: Get release info
        id: release_info
        run: |
          echo -n "tag_name=$(gh release view --json tagName --jq '.tagName')" | tee -a $GITHUB_OUTPUT
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

      - name: Get commit info
        id: git_info
        run: |
          git checkout ${{ steps.release_info.outputs.tag_name }}
          echo -n "commit=$(git rev-parse HEAD)" | tee -a $GITHUB_OUTPUT

      - name: Update Homebrew formula
        uses: dawidd6/action-homebrew-bump-formula@75ed025ff3ad1d617862838b342b06d613a0ddf3 # v3.10.1
        with:
          token: ${{ secrets.HOMEBREW_TOKEN }}
          org: anchore
          formula: syft
          tag: ${{ steps.release_info.outputs.tag_name }}
          revision: ${{ steps.git_info.outputs.commit }}

      - uses: 8398a7/action-slack@fbd6aa58ba854a740e11a35d0df80cb5d12101d8 #v3.15.1
        if: ${{ failure() }}
        with:
          status: ${{ job.status }}
          fields: repo,workflow,action,eventName
          text: "Post-release homebrew publish workflow has failed: https://github.com/anchore/syft/actions/workflows/release-homebrew.yaml"
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_TOOLBOX_WEBHOOK_URL }}