apiVersion: tekton.dev/v1
kind: Task
metadata:
  name: pypi
spec:
  params:
    - name: home
      type: string
      description: home directory

    - name: build-artifact-path
      type: string
      description: Path to the built artifact directory from python-build

    - name: pythonImageName
      type: string
      description: Python version to use (e.g., 3.9, 3.11)
      default: "python:3.11-slim"

    - name: pypi-hosted-url
      type: string
      description: PyPI repository URL for upload
      default: https://upload.pypi.org/legacy/

  workspaces:
    - name: shared
      description: Workspace containing the built artifacts
    - name: nexus-credentials
  steps:
    - name: upload-to-pypi
      image: $(params.pythonImageName)
      env:
        - name: HOME
          value: /workspace/shared/$(params.home)

        - name: TWINE_USERNAME
          valueFrom:
            secretKeyRef:
              name: nexus-credentials
              key: username
        - name: TWINE_PASSWORD
          valueFrom:
            secretKeyRef:
              name: nexus-credentials
              key: password
      script: |
        #!/usr/bin/env bash
        set -e

        ls -al $HOME
        ls -al $HOME/.config/pypoetry/
        cat $HOME/.netrc

        HOSTED_URL="$(params.pypi-hosted-url)"

        echo "📦 Installing tools..."
        pip install --upgrade pip --root-user-action=ignore
        pip install poetry tomli twine --root-user-action=ignore

        echo "[INFO] Uploading artifacts to $HOSTED_URL"
        twine upload \
          --repository-url "$HOSTED_URL" \
          "$(params.build-artifact-path)"/*

        echo "[INFO] ✅ Upload to PyPI complete"