name: Build, push and deploy Docker image

on:
  push:
    branches: [master, develop]
  release:
    types: [created]
  pull_request:
    types: [ labeled, synchronize ]


# Enables BuildKit
env:
  DOCKER_BUILDKIT: 1

jobs:

  build-front:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:

      - name: Checkout
        uses: actions/checkout@v2


      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: "Build and push front image"
        uses: docker/build-push-action@v1
        with:
          dockerfile: front/Dockerfile
          path: ./
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          repository: thecodingmachine/workadventure-front
          tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          add_git_labels: true

  build-back:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:

      - name: Checkout
        uses: actions/checkout@v2

      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: "Build and push back image"
        uses: docker/build-push-action@v1
        with:
          dockerfile: back/Dockerfile
          path: ./
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          repository: thecodingmachine/workadventure-back
          tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          add_git_labels: true

  build-pusher:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:

      - name: Checkout
        uses: actions/checkout@v2

      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: "Build and push back image"
        uses: docker/build-push-action@v1
        with:
          dockerfile: pusher/Dockerfile
          path: ./
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          repository: thecodingmachine/workadventure-pusher
          tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          add_git_labels: true

  build-uploader:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:

      - name: Checkout
        uses: actions/checkout@v2

      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: "Build and push back image"
        uses: docker/build-push-action@v1
        with:
          dockerfile: uploader/Dockerfile
          path: ./
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          repository: thecodingmachine/workadventure-uploader
          tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          add_git_labels: true

  build-maps:
    if: ${{ github.event_name == 'push' || github.event_name == 'release' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}
    runs-on: ubuntu-latest

    steps:

      - name: Checkout
        uses: actions/checkout@v2


      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: "Build and push front image"
        uses: docker/build-push-action@v1
        with:
          dockerfile: maps/Dockerfile
          path: maps/
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
          repository: thecodingmachine/workadventure-maps
          tags: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
          add_git_labels: true

  deeploy:
    needs:
      - build-front
      - build-back
      - build-pusher
      - build-maps
      - build-uploader
    runs-on: ubuntu-latest
    if: ${{ github.event_name == 'push' || github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'deploy') }}

    steps:
      - name: Checkout
        uses: actions/checkout@v2

      # Create a slugified value of the branch
      - uses: rlespinasse/github-slug-action@3.1.0

      - name: Write certificate
        run: echo "${CERTS_PRIVATE_KEY}" > secret.key && chmod 0600 secret.key
        env:
          CERTS_PRIVATE_KEY: ${{ secrets.CERTS_PRIVATE_KEY }}

      - name: Download certificate
        run: mkdir secrets && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i secret.key ubuntu@cert.workadventu.re:./config/live/workadventu.re/* secrets/

      - name: Create namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: create namespace workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
        continue-on-error: true

      - name: Delete old certificates in namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} delete secret certificate-tls
        continue-on-error: true

      - name: Install certificates in namespace
        uses: steebchen/kubectl@v1.0.0
        env:
          KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_FILE_BASE64 }}
        with:
          args: -n workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} create secret tls certificate-tls --key="secrets/privkey.pem" --cert="secrets/fullchain.pem"

      - name: Deploy
        uses: thecodingmachine/deeployer-action@master
        env:
          KUBE_CONFIG_FILE: ${{ secrets.KUBE_CONFIG_FILE }}
          ADMIN_API_TOKEN: ${{ secrets.ADMIN_API_TOKEN }}
          JITSI_ISS: ${{ secrets.JITSI_ISS }}
          JITSI_URL: ${{ secrets.JITSI_URL }}
          SECRET_JITSI_KEY: ${{ secrets.SECRET_JITSI_KEY }}
          TURN_STATIC_AUTH_SECRET: ${{ secrets.TURN_STATIC_AUTH_SECRET }}
          DEPLOY_REF: ${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}
        with:
          namespace: workadventure-${{ github.event_name == 'pull_request' && env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }}

      - name: Add a comment in PR
        uses: unsplash/comment-on-pr@v1.2.0
        if: ${{ github.event_name == 'pull_request' }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          msg: Environment deployed at https://play-${{ env.GITHUB_HEAD_REF_SLUG }}.test.workadventu.re