deployment.yaml
---
# Manually triggered deployment workflow.
name: Deployment
on:
  # Started by hand only; the caller must choose one of the repository's
  # configured environments as the deployment target.
  workflow_dispatch:
    inputs:
      environment:
        description: 'Environment to deploy to'
        type: environment
        required: true
  # add back in when ready to add the terraform
  # push:
  #   branches:
  #     - main
# Workflow-level GITHUB_TOKEN permissions. Every job that does not declare
# its own `permissions` block inherits all three of these scopes.
permissions:
  id-token: write
  contents: read
  packages: write
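jobs:
  # Provisions Azure infrastructure with Terraform, authenticating via OIDC.
  terraform:
    name: Run Terraform
    runs-on: ubuntu-latest
    # NOTE(review): pinned to `main` regardless of the environment chosen at
    # dispatch, so that environment's secrets and protection rules are the
    # ones applied here. Confirm this is intended.
    environment: main
    # Job-level permissions replace the workflow-level defaults for this
    # job: an OIDC token for the Azure login and read access for checkout.
    permissions:
      id-token: write
      contents: read
    defaults:
      run:
        shell: bash
        working-directory: ./terraform/implementation
    outputs:
      tf_env: ${{ steps.set-environment.outputs.tf_env }}
      # First 8 characters of the CLIENT_ID secret, exposed as a job output.
      short_cid: ${{ steps.set-environment.outputs.short_cid }}
      # NOTE(review): no step in this job declares `id: terraform`, so this
      # expression resolves to an empty string as written.
      record_linkage_container_url: ${{ steps.terraform.outputs.record_linkage_container_url }}
    steps:
      # NOTE(review): every `uses:` in this workflow references a mutable
      # version tag. Pinning each action to a full commit SHA keeps a
      # retagged release from changing what runs with these credentials.
      - name: Check Out Changes
        uses: actions/checkout@v3
      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v2
      # No client secret is passed: login relies on the job's OIDC token.
      - name: Azure login
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.CLIENT_ID }}
          tenant-id: ${{ secrets.TENANT_ID }}
          subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
      # Writes terraform.tfvars and backend.tfvars into the working
      # directory. Both files hold secret values in plaintext (including
      # smarty_auth_token), so they must never be uploaded as artifacts or
      # cached. Secrets reach the script through `env`, not by expression
      # interpolation into the script text.
      # NOTE(review): backend.tfvars enables both use_oidc and use_msi;
      # confirm the backend is meant to receive both settings.
      - name: Load input variables
        env:
          SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
          LOCATION: ${{ secrets.LOCATION }}
          # the one that's selected
          RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }}
          SMARTY_AUTH_ID: ${{ secrets.SMARTY_AUTH_ID }}
          SMARTY_AUTH_TOKEN: ${{ secrets.SMARTY_AUTH_TOKEN }}
          SMARTY_LICENSE_TYPE: ${{ secrets.SMARTY_LICENSE_TYPE }}
          CLIENT_ID: ${{ secrets.CLIENT_ID }}
          OBJECT_ID: ${{ secrets.OBJECT_ID }}
        run: |
          echo subscription_id=\""$SUBSCRIPTION_ID"\" >> terraform.tfvars
          echo location=\""$LOCATION"\" >> terraform.tfvars
          echo resource_group_name=\""$RESOURCE_GROUP_NAME"\" >> terraform.tfvars
          echo smarty_auth_id=\""$SMARTY_AUTH_ID"\" >> terraform.tfvars
          echo smarty_auth_token=\""$SMARTY_AUTH_TOKEN"\" >> terraform.tfvars
          echo smarty_license_type=\""$SMARTY_LICENSE_TYPE"\" >> terraform.tfvars
          echo client_id=\""$CLIENT_ID"\" >> terraform.tfvars
          echo object_id=\""$OBJECT_ID"\" >> terraform.tfvars
          echo use_oidc=true >> terraform.tfvars
          echo resource_group_name=\""$RESOURCE_GROUP_NAME"\" >> backend.tfvars
          echo storage_account_name=\"phditfstate"${CLIENT_ID:0:8}"\" >> backend.tfvars
          echo use_oidc=true >> backend.tfvars
          echo use_msi=true >> backend.tfvars
          az config set defaults.location="$LOCATION" defaults.group="$RESOURCE_GROUP_NAME"
      # The dispatch input is handed to the script through an environment
      # variable rather than interpolated into the script text, so its value
      # is treated as data and never parsed as shell code.
      - name: Set environment
        id: set-environment
        env:
          CLIENT_ID: ${{ secrets.CLIENT_ID }}
          DEPLOY_ENVIRONMENT: ${{ github.event.inputs.environment }}
        run: |-
          echo "tf_env=${DEPLOY_ENVIRONMENT}" >> "$GITHUB_OUTPUT"
          echo "short_cid=${CLIENT_ID:0:8}" >> "$GITHUB_OUTPUT"
      # Selects (or creates) the workspace named after the chosen
      # environment and applies with -auto-approve, i.e. with no plan
      # review inside the run; any approval gate has to come from the
      # job's environment protection rules.
      - name: terraform
        env:
          ARM_CLIENT_ID: ${{ secrets.CLIENT_ID }}
          ARM_TENANT_ID: ${{ secrets.TENANT_ID }}
          ARM_SUBSCRIPTION_ID: ${{ secrets.SUBSCRIPTION_ID }}
          TF_ENV: ${{ steps.set-environment.outputs.tf_env }}
        run: |
          terraform init -backend-config=backend.tfvars
          terraform workspace select -or-create "$TF_ENV"
          terraform apply -auto-approve -lock-timeout=30m
  # Builds the front-end image and pushes it to GHCR, tagged with the
  # commit SHA.
  build:
    runs-on: ubuntu-latest
    # Only what checkout and the registry push need; no OIDC token here.
    permissions:
      contents: read
      packages: write
    steps:
      - uses: actions/checkout@v4
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
      - name: Log in to GitHub container registry
        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
      # The image tag below uses the lowercased repository name.
      - name: Lowercase the repo name
        run: echo "REPO=${GITHUB_REPOSITORY,,}" >> "$GITHUB_ENV"
      - name: Build and push container image to registry
        uses: docker/build-push-action@v4
        with:
          context: front-end
          push: true
          tags: ghcr.io/${{ env.REPO }}:${{ github.sha }}
          file: ./front-end/Dockerfile
  # Points the Azure Web App at the image produced by `build`.
  # NOTE(review): depends only on `build`; nothing orders this job after
  # `terraform`. Confirm the target app service exists before it runs.
  deploy:
    runs-on: ubuntu-latest
    needs: build
    # No step in this job checks out code or passes the GITHUB_TOKEN, so
    # the token is given no scopes.
    permissions: {}
    environment:
      name: ${{ github.event.inputs.environment }}
      url: ${{ steps.deploy-to-webapp.outputs.webapp-url }}
    steps:
      - name: Lowercase the repo name
        run: echo "REPO=${GITHUB_REPOSITORY,,}" >> "$GITHUB_ENV"
      # Authenticates with a stored publish-profile secret (a long-lived
      # credential), unlike the OIDC login used by the terraform job.
      - name: Deploy to Azure Web App
        id: deploy-to-webapp
        uses: azure/webapps-deploy@v3
        with:
          app-name: app-service-${{ github.event.inputs.environment }}-dibbs
          publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
          images: 'ghcr.io/${{ env.REPO }}:${{ github.sha }}'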