main.yml

name: alpha on gcp-k8s

on:
  push:
    branches:
      - gcp-k8s

env:
  DOCKER_USERNAME: ${{ github.actor }}
  DOCKER_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
  DOCKER_REGISTRY: ghcr.io          # if you change this, change it in the .env file as well
  REPO_NAME: ${{ github.event.repository.name }}
  # KOSLI_CLI_VERSION: 2.10.10
  # KOSLI_HOST: https://app.kosli.com
  # KOSLI_ORG: <your-kosli-org>
  # KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }}

jobs:

  setup:
    name: Setup job variables
    runs-on: ubuntu-latest
    outputs:
      image_tag: ${{ steps.variables.outputs.image_tag }}
      image_name: ${{ steps.variables.outputs.image_name }}
      tagged_image_previous: ${{ steps.variables.outputs.tagged_image_previous }}
      image_tar_filename: ${{ steps.variables.outputs.image_tar_filename }}
    steps:
    - uses: actions/checkout@v4.1.1

    - name: Set outputs
      id: variables
      run: |
        export $(cat .env | grep -o '^[^#]*')  # to get DOCKER_ORG_NAME
        image_tag="${GITHUB_SHA:0:7}"
        image_uri="${{ env.DOCKER_REGISTRY }}/${DOCKER_ORG_NAME}/${{ env.REPO_NAME }}-alpha"
        image_name="${image_uri}:${image_tag}"
        tagged_image_previous="${image_uri}:previous"
        image_tar_filename="/tmp/${{ env.REPO_NAME }}-alpha:previous.tar"            
        echo "image_tag=${image_tag}" >> ${GITHUB_OUTPUT}          
        echo "image_name=${image_name}" >> ${GITHUB_OUTPUT}          
        echo "tagged_image_previous=${tagged_image_previous}" >> ${GITHUB_OUTPUT}
        echo "image_tar_filename=${image_tar_filename}" >> ${GITHUB_OUTPUT}


  build-image:
    name: Build docker image, push it to registry, attest to Kosli
    runs-on: ubuntu-latest
    needs: [setup]
    permissions:
      id-token: write
      contents: read
      packages: write
#    outputs:
#      artifact_digest: ${{ steps.variables.outputs.artifact_digest }}

    steps:
    - uses: actions/checkout@v4.1.1

    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3

    - name: Login to GitHub Container Registry
      uses: docker/login-action@v3
      with:
        registry: ${{ env.DOCKER_REGISTRY }}
        username: ${{ env.DOCKER_USERNAME }}
        password: ${{ env.DOCKER_PASSWORD }}

    - name: Build and push Docker image to the GHCR
      id: docker_build
      uses: docker/build-push-action@v5
      with:
        context: .
        push: true
        tags: ${{ needs.setup.outputs.image_name }},${{ needs.setup.outputs.tagged_image_previous }}
        cache-from: type=registry,ref=${{ needs.setup.outputs.tagged_image_previous }}
        cache-to: type=inline,mode=max

    - name: Tar Docker image
      run: |
        docker pull ${{ needs.setup.outputs.image_name }}
        docker image save ${{ needs.setup.outputs.image_name }} --output ${{ needs.setup.outputs.image_tar_filename }}

    - name: Cache Docker image
      uses: actions/cache@v4.0.0
      with:
        path: ${{ needs.setup.outputs.image_tar_filename }}
        key: ${{ needs.setup.outputs.image_name }}

#    - name: Make the image digest available to following jobs
#      id: variables
#      run: |
#        DIGEST=$(echo ${{ steps.docker_build.outputs.digest }} | sed 's/.*://')
#        echo "artifact_digest=${DIGEST}" >> ${GITHUB_OUTPUT}


  lint:
    name: Run rubocop linter and attest to Kosli
    needs: [build-image]
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4.1.1

    - name: Run Rubocop linter on source
      run:
        make lint


  unit-test:
    name: Run unit-tests and attest to Kosli
    needs: [build-image]
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4.1.1

    - name: Run unit-tests
      run:
        make test


  deploy:
    runs-on: ubuntu-latest
    needs: [setup, build-image, lint]
    steps:
    - uses: actions/checkout@v4.1.1

    - uses: azure/setup-kubectl@v3

    - id: 'auth'
      uses: 'google-github-actions/auth@v2'
      with:
        project_id: 'test-kubernetes-environment'
        credentials_json: '${{ secrets.GCP_CREDENTIALS_JSON }}'

    - id: 'get-credentials'
      uses: 'google-github-actions/get-gke-credentials@v2'
      with:
        cluster_name: 'db-playground-2'
        location: 'europe-west1-b'

    - uses: Azure/k8s-deploy@v5
      env:
        IMAGE_NAME: ${{ needs.setup.outputs.image_name }}
      with:
         manifests: |
            deployment/gke
         images: '${{ env.IMAGE_NAME }}'