name: Update GeoLite Database

on:
  schedule:
    - cron: "0 3 1 * *"
  workflow_dispatch:
    inputs:
      branch:
        description: "Target branch against which to create PR"
        required: false
        default: "master"

env:
  MAXMIND_URL: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${{ secrets.MAXMIND_LICENSE_KEY }}&suffix=tar.gz"
  MAXMIND_SHA256_URL: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${{ secrets.MAXMIND_LICENSE_KEY }}&suffix=tar.gz.sha256"
  TAR_FILE_NAME: "GeoLite2-Country.tar.gz"
  TAR_SHA256_FILE_NAME: "GeoLite2-Country.tar.gz.sha256"
  TAR_UNZIPPED_ROOT_PATTERN: "GeoLite2-Country_*"
  DB_FILE: "GeoLite2-Country.mmdb"
  DB_DESTINATION_PATH: "common/static/data/geoip"

jobs:
  download-and-replace:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4

      - name: Download GeoLite tar file
        run: |
          wget -O '${{ env.TAR_FILE_NAME }}' '${{ env.MAXMIND_URL }}'\

      - name: Download GeoLite sha256 file
        run: |
          wget -O '${{ env.TAR_SHA256_FILE_NAME }}' '${{ env.MAXMIND_SHA256_URL }}'\

      - name: Check SHA256 hash
        run: |
          sha256sum '${{ env.TAR_FILE_NAME }}' | grep $(cat '${{ env.TAR_SHA256_FILE_NAME }}' | cut -d' ' -f1)

      - name: Extract tar file
        run: |
          tar xvf '${{ env.TAR_FILE_NAME }}'

      - name: Copy DB file to destination path
        run: |
          find . -type d -name '${{ env.TAR_UNZIPPED_ROOT_PATTERN }}' -exec cp {}/'${{ env.DB_FILE }}' '${{ env.DB_DESTINATION_PATH }}'/ \;

      - name: Delete un-required content
        run: |
          rm '${{ env.TAR_FILE_NAME }}'
          rm '${{ env.TAR_SHA256_FILE_NAME }}'
          find . -type d -name '${{ env.TAR_UNZIPPED_ROOT_PATTERN }}' -exec rm -r {} \; || true

      - name: PR preflight
        run: |
          if git diff --exit-code; then
              echo 'Summary: No updates/changes detected. Terminating the run and no pull request is going to be created.' | tee -a '$GITHUB_STEP_SUMMARY'
              exit 1
          else
              echo 'Updates/changes detected, going to create PR.'
          fi

      - name: Setup git
        run: |
          git config --global user.email '${{ github.actor }}@users.noreply.github.com'
          git config --global user.name '${{ github.actor }}'

      - name: Create a branch, commit the code and make a PR
        id: create-pr
        run: |
          BRANCH="${{ github.actor }}/geoip2-bot-update-country-database-$(echo "${{ github.sha }}" | cut -c 1-7)"
          git checkout -b $BRANCH
          git add .
          git status
          git commit -m "chore: geoip2: update maxmind geolite country database"
          git push --set-upstream origin $BRANCH
          PR_URL=$(gh pr create \
              --title "Update GeoLite Database" \
              --body "PR generated by workflow `${{ github.workflow }}` on behalf of @${{ github.actor }}." \
              --head $BRANCH \
              --base 'master' \
              --reviewer 'feanil' \
              | grep -o 'https://github.com/.*/pull/[0-9]*')
          echo "PR Created: ${PR_URL}"
          echo "pull-request-url=$PR_URL" >> $GITHUB_OUTPUT
        env:
          GH_TOKEN: ${{ github.token }}

      - name: Job summary
        run: |
          PR_URL=${{ steps.create-pr.outputs.pull-request-url }}
          if [[ -z '$PR_URL' ]]; then
              echo 'Error: PR creation unsuccessful; refer to the log for further details.' | tee -a "${GITHUB_STEP_SUMMARY}"
              exit 1
          else
              echo "PR: ${PR_URL}" | tee -a "${GITHUB_STEP_SUMMARY}"
          fi