name: Sign

on:
  release:
    types: [released]

jobs:
  sign:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout default branch
        uses: actions/checkout@v3

      - name: Grant it execution permission
        run: |
          chmod +x $GITHUB_WORKSPACE/release/requestsign.sh

      - name: Invoke release signing
        env:
          SIGN_SERVICE_PASSWORD: ${{ secrets.SIGN_SERVICE_PASSWORD }}
          SIGN_SERIVCE_URL: ${{ secrets.SIGN_SERIVCE_URL }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          export SIGN_VERSION=$(cat $GITHUB_EVENT_PATH| jq -r ".release.tag_name")
          echo $SIGN_VERSION
          $GITHUB_WORKSPACE/release/requestsign.sh