on:
  issues:
    types: [opened, closed, deleted, reopened]
  pull_request_target:
    types: [opened, closed, reopened]
  issue_comment: # Also triggers when commenting on a PR from the conversation view
    types: [created]
  workflow_dispatch:

permissions:
  contents: read

name: Jira Sync

jobs:
  sync:
    runs-on: ${{ fromJSON(vars.RUNNER) }}
    name: Jira sync
    steps:
    - name: Check if community user
      if: github.event.action == 'opened'
      id: boundary-team-role
      run: |
        TEAM=boundary
        ROLE="$(gh api orgs/hashicorp/teams/${TEAM}/memberships/${{ github.actor }} | jq -r '.role | select(.!=null)')"
        if [[ -n ${ROLE} ]]; then
          echo "Actor ${{ github.actor }} is a ${TEAM} team member, skipping ticket creation"
        else
          echo "Actor ${{ github.actor }} is not a ${TEAM} team member"
        fi
        echo "role=${ROLE}" >> "$GITHUB_OUTPUT"
      env:
        GITHUB_TOKEN: ${{ secrets.JIRA_SYNC_GITHUB_TOKEN }}

    - name: Set ticket type
      if: github.event.action == 'opened' && !steps.boundary-team-role.outputs.role
      id: set-ticket-type
      run: |
        if [[ "${{ github.event_name }}" == "pull_request_target" ]]; then
          echo "type=PR" >> "$GITHUB_OUTPUT"
        else
          echo "type=ISS" >> "$GITHUB_OUTPUT"
        fi

    - name: Create ticket
      if: github.event.action == 'opened' && !steps.boundary-team-role.outputs.role
      uses: tomhjp/gh-action-jira-create@3ed1789cad3521292e591a7cfa703215ec1348bf # v0.2.1
      env:
        JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
        JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
        JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
      with:
        project: ICU
        issuetype: "GH Issue"
        summary: "${{ github.event.repository.name }} [${{ steps.set-ticket-type.outputs.type }} #${{ github.event.issue.number || github.event.pull_request.number }}]: ${{ github.event.issue.title || github.event.pull_request.title }}"
        description: "${{ github.event.issue.body || github.event.pull_request.body }}\n\n_Created from GitHub Action for ${{ github.event.issue.html_url || github.event.pull_request.html_url }} from ${{ github.actor }}_"
        # customfield_10089 is Issue Link custom field
        extraFields: '{"customfield_10089": "${{ github.event.issue.html_url || github.event.pull_request.html_url }}"}'

    - name: Search
      if: github.event.action != 'opened'
      id: search
      uses: tomhjp/gh-action-jira-search@04700b457f317c3e341ce90da5a3ff4ce058f2fa # v0.2.2
      env:
        JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
        JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
        JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
      with:
        # cf[10089] is Issue Link custom field
        jql: 'issuetype = "GH Issue" and cf[10089]="${{ github.event.issue.html_url || github.event.pull_request.html_url }}"'

    - name: Sync comment
      if: github.event.action == 'created' && steps.search.outputs.issue
      uses: tomhjp/gh-action-jira-comment@6eb6b9ead70221916b6badd118c24535ed220bd9 # v0.2.0
      env:
        JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
        JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
        JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
      with:
        issue: ${{ steps.search.outputs.issue }}
        comment: "${{ github.actor }} ${{ github.event.review.state || 'commented' }}:\n\n${{ github.event.comment.body || github.event.review.body }}\n\n${{ github.event.comment.html_url || github.event.review.html_url }}"

    - name: Transitions
      id: transitions
      if: steps.search.outputs.issue
      run: |
        if [[ "${{ github.event.action }}" == "closed" || "${{ github.event.action }}" == "deleted" ]]; then
          echo "Closing ticket"
          echo "name=Done" >> "$GITHUB_OUTPUT"
        elif [[ "${{ github.event.action }}" == "reopened" ]]; then
          echo "Reopening ticket"
          echo "name='Reopen'" >> "$GITHUB_OUTPUT"
        fi

      # Transition issue API reference: https://developer.atlassian.com/cloud/jira/platform/rest/v3/api-group-issues/#api-rest-api-3-issue-issueidorkey-transitions-post
    - name: Transition ticket
      if: steps.transitions.outputs.name
      run: |
        transitions="$(curl --silent \
          --url "${{ secrets.JIRA_BASE_URL }}rest/api/3/issue/${{ steps.search.outputs.issue }}/transitions" \
          --user "${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }}" \
          --header "Accept: application/json")"
        id="$(echo "${transitions}" | jq -r '.transitions[] | select(.name == "${{ steps.transitions.outputs.name }}") | .id')"
        curl --silent \
          --url "${{ secrets.JIRA_BASE_URL }}rest/api/3/issue/${{ steps.search.outputs.issue }}/transitions" \
          --user "${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }}" \
          --header "Accept: application/json" \
          --header "Content-Type: application/json" \
          --data "$(printf '{"transition": {"id": "%s"}}' "${id}")"