name: "quest import"
on:
  workflow_dispatch:
    inputs:
      reason:
        description: "The reason for running the workflow"
        required: true
        default: "Manual run"
      issue:
        description: "The issue number to manually test"
        required: true

jobs:
  import:
    if: |
      github.event_name == 'workflow_dispatch' ||
      github.event.label.name == 'reQUEST' ||
      github.event.label.name == 'seQUESTered' ||
      contains(github.event.issue.labels.*.name, 'reQUEST') ||
      contains(github.event.issue.labels.*.name, ':pushpin: seQUESTered')
    runs-on: ubuntu-latest
    permissions:
      issues: write
      pull-requests: write
      id-token: write

    steps:
      - name: "Print manual run reason"
        if: ${{ github.event_name == 'workflow_dispatch' }}
        run: |
          echo "Reason: ${{ github.event.inputs.reason }}"
          echo "Issue number: ${{ github.event.inputs.issue }}"

      - name: Azure OpenID Connect
        id: azure-oidc-auth
        uses: dotnet/docs-tools/.github/actions/oidc-auth-flow@main
        with:
          client-id: ${{ secrets.CLIENT_ID }}
          tenant-id: ${{ secrets.TENANT_ID }}
          audience: ${{ secrets.OSMP_API_AUDIENCE }}

      # This step occurs when ran manually, passing the manual issue number input
      - name: manual-sequester
        if: ${{ github.event_name == 'workflow_dispatch' }}
        id: manual-sequester
        uses: dotnet/docs-tools/actions/sequester@main
        env:
          ImportOptions__ApiKeys__GitHubToken: ${{ secrets.GITHUB_TOKEN }}
          ImportOptions__ApiKeys__AzureAccessToken: ${{ steps.azure-oidc-auth.outputs.access-token }}
          ImportOptions__ApiKeys__QuestKey: ${{ secrets.QUEST_KEY }}
          ImportOptions__ApiKeys__SequesterPrivateKey: ${{ secrets.SEQUESTER_PRIVATEKEY }}
          ImportOptions__ApiKeys__SequesterAppID: ${{ secrets.SEQUESTER_APPID }}
        with:
          org: ${{ github.repository_owner }}
          repo: ${{ github.repository }}
          issue: ${{ github.event.inputs.issue }}

      # This step occurs automatically, passing the issue number from the event
      - name: auto-sequester
        if: ${{ github.event_name != 'workflow_dispatch' }}
        id: auto-sequester
        uses: dotnet/docs-tools/actions/sequester@main
        env:
          ImportOptions__ApiKeys__GitHubToken: ${{ secrets.GITHUB_TOKEN }}
          ImportOptions__ApiKeys__AzureAccessToken: ${{ $AZURE_ACCESS_TOKEN }}
          ImportOptions__ApiKeys__QuestKey: ${{ secrets.QUEST_KEY }}
          ImportOptions__ApiKeys__SequesterPrivateKey: ${{ secrets.SEQUESTER_PRIVATEKEY }}
          ImportOptions__ApiKeys__SequesterAppID: ${{ secrets.SEQUESTER_APPID }}
        with:
          org: ${{ github.repository_owner }}
          repo: ${{ github.repository }}
          issue: ${{ github.event.issue.number }}