.github/workflows/deployment.yaml

---
name: Deployment

on:
  workflow_dispatch:
    inputs:
      environment:
        description: Environment to deploy to
        type: environment
        required: true
  push:
    branches:
      - boban/deploy-frontend
  # add back in when ready to add the terraform
  # push:
  #   branches:
  #     - main

permissions:
  id-token: write
  contents: read
  packages: write
jobs:
  terraform:
    name: Run Terraform (${{github.event.inputs.environment}})
    runs-on: ubuntu-latest
    environment: main
    defaults:
      run:
        shell: bash
        working-directory: ./terraform/implementation
    outputs:
      tf_env: ${{ steps.set-environment.outputs.tf_env }}
      short_cid: ${{ steps.set-environment.outputs.short_cid }}
      record_linkage_container_url:
        ${{ steps.terraform.outputs.record_linkage_container_url
        }}
    steps:
      - name: Check Out Changes
        uses: actions/checkout@v3

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2

      - name: Azure login
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.CLIENT_ID }}
          tenant-id: ${{ secrets.TENANT_ID }}
          subscription-id: ${{ secrets.SUBSCRIPTION_ID }}

      - name: Load input variables
        env:
          SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
          LOCATION: ${{ secrets.LOCATION }}
          RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }} #the one thats selected
          SMARTY_AUTH_ID: ${{ secrets.SMARTY_AUTH_ID }}
          SMARTY_AUTH_TOKEN: ${{ secrets.SMARTY_AUTH_TOKEN }}
          SMARTY_LICENSE_TYPE: ${{ secrets.SMARTY_LICENSE_TYPE }}
          CLIENT_ID: ${{ secrets.CLIENT_ID }}
          OBJECT_ID: ${{ secrets.OBJECT_ID }}
        run: |
          echo subscription_id=\""$SUBSCRIPTION_ID"\" >> terraform.tfvars
          echo location=\""$LOCATION"\" >> terraform.tfvars
          echo resource_group_name=\""$RESOURCE_GROUP_NAME"\" >> terraform.tfvars
          echo smarty_auth_id=\""$SMARTY_AUTH_ID"\" >> terraform.tfvars
          echo smarty_auth_token=\""$SMARTY_AUTH_TOKEN"\" >> terraform.tfvars
          echo smarty_license_type=\""$SMARTY_LICENSE_TYPE"\" >> terraform.tfvars
          echo client_id=\""$CLIENT_ID"\" >> terraform.tfvars
          echo object_id=\""$OBJECT_ID"\" >> terraform.tfvars
          echo use_oidc=true >> terraform.tfvars
          echo resource_group_name=\""$RESOURCE_GROUP_NAME"\" >> backend.tfvars
          echo storage_account_name=\"phditfstate"${CLIENT_ID:0:8}"\" >> backend.tfvars
          echo use_oidc=true >> backend.tfvars
          echo use_msi=true >> backend.tfvars
          az config set defaults.location=$LOCATION defaults.group=$RESOURCE_GROUP_NAME

      - name: Set environment
        id: set-environment
        env:
          CLIENT_ID: ${{ secrets.CLIENT_ID }}
        run: |-
          echo "tf_env=$(
          if [[ "${{ github.event.inputs.environment }}" != "" ]]; then
            echo ${{ github.event.inputs.environment }}
          else
            echo dev
          fi
          )" >> $GITHUB_OUTPUT
          echo "short_cid=${CLIENT_ID:0:8}" >> $GITHUB_OUTPUT

      - name: terraform
        env:
          ARM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
          ARM_TENANT_ID: ${{ secrets.TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
          TF_ENV: ${{ steps.set-environment.outputs.tf_env }}
        run: |
          terraform init -backend-config=backend.tfvars
          terraform workspace select -or-create $TF_ENV
          terraform apply -auto-approve -lock-timeout=30m

  build:
    runs-on: ubuntu-latest
    needs: deployTerraform
    steps:
      - uses: actions/checkout@v4

      - name: Set up Node.js version
        uses: actions/setup-node@v3
        with:
          node-version: '18.x'

      - name: npm install, build, and test
        run: |
          cd front-end
          npm install
          npm run build --if-present
          npm run test --if-present

      - name: Zip artifact for deployment
        run: zip release.zip ./front-end/.next/* -r

      - name: Upload artifact for deployment job
        uses: actions/upload-artifact@v3
        with:
          name: node-app
          path: release.zip
  deploy:
    runs-on: ubuntu-latest
    needs: build
    environment:
      name: 'production'
      url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}

    steps:
      - name: Download artifact from build job
        uses: actions/download-artifact@v3
        with:
          name: node-app

      - name: Unzip artifact for deployment
        run: unzip release.zip

      - name: 'Deploy to Azure Web App'
        id: deploy-to-webapp
        uses: azure/webapps-deploy@v2
        with:
          app-name: 'app-service-dev2-dibbs'
          slot-name: 'production'
          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE_DEV2 }}
          package: .