.github/workflows/ingest-push.yml

name: ingest push

on:
  push:
    branches:
      - feature/*
      - dev/*
  pull_request:
    types: [closed]

env:
  NODE_VERSION: 22.8
  IMAGE_NAME: ard-eventhub-europe-west3/ingest
  REGISTRY_DOMAIN: europe-west3-docker.pkg.dev

jobs:
  security:
    name: Check permissions for action runs
    runs-on: ubuntu-latest
    if: github.event.pull_request.merged == true || github.event_name == 'push'
    steps:
      - run: |
          echo "Security checks passed!"

  test:
    needs: security
    runs-on: ubuntu-latest
    steps:
      - name: 👀 Checkout Code
        uses: actions/checkout@v4

      - name: 🏗 Install Node.js
        uses: actions/setup-node@v4
        with:
          node-version: ${{ env.NODE_VERSION }}

      - name: 🛠 Setup Bun
        uses: oven-sh/setup-bun@v2
        with:
          bun-version: latest

      - name: 📦 Install Dependencies
        run: bun install

      - name: 🔑 Setup Google Cloud Auth
        uses: google-github-actions/auth@v2
        with:
          credentials_json: ${{ secrets.GCP_GITHUB_SERVICE_ACCOUNT_KEY }}
          create_credentials_file: true

      - name: 📚 Lint Code
        run: bun lint

      - name: 🧪 Run Ingest Tests
        env:
          DD_TRACE_ENABLED: false
          DTS_KEYS: ${{ secrets.TEST_DTS_KEYS }}
          FIREBASE_API_KEY: ${{ secrets.TEST_FIREBASE_API_KEY }}
          GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
          PUBSUB_SERVICE_ACCOUNT_EMAIL_INTERNAL: ${{ secrets.PUBSUB_SERVICE_ACCOUNT_EMAIL }}
          SERVICE_NAME: ard-eventhub-ingest
          STAGE: dev
          TEST_USER: ${{ secrets.TEST_USER }}
          TEST_USER_PW: ${{ secrets.TEST_USER_PW }}
        run: npm run ingest:test

  docker:
    runs-on: ubuntu-latest
    needs: test
    outputs:
      VERSION: ${{ steps.push.outputs.VERSION }}
    steps:
      - name: 👀 Checkout Code
        uses: actions/checkout@v4

      - name: 🔑 Setup Google Cloud Auth
        uses: google-github-actions/auth@v2
        with:
          credentials_json: ${{ secrets.GCP_GITHUB_SERVICE_ACCOUNT_KEY }}

      - name: 🔑 Login to Registry
        run: 'gcloud auth configure-docker $REGISTRY_DOMAIN'

      - name: 🚧 Building docker image
        run: 'docker build ./ --file ./Dockerfile -t image'

      - name: 🔖 Get Package Version
        id: package-version
        uses: martinbeentjes/npm-get-version-action@main

      - name: 🏷 Tagging & Pushing docker
        id: push
        run: |
          # Strip git ref prefix from version
          BRANCH=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')

          # Strip "v" prefix from tag name
          [[ "${{ github.ref }}" == "refs/tags/"* ]] && BRANCH=$(echo $BRANCH | sed -e 's/^v//')

          # Add custom wrapper syntax
          VERSION=${{ steps.package-version.outputs.current-version }}-g${{ github.run_number }}

          # Set registry
          IMAGE_URI=$REGISTRY_DOMAIN/${{ secrets.GCP_PROJECT_ID }}/$IMAGE_NAME:$VERSION

          # Push image to registry
          docker tag image $IMAGE_URI
          docker push $IMAGE_URI

          # Update vars
          echo "VERSION=$VERSION" >> $GITHUB_OUTPUT

          # Print vars
          echo "## Docker Version Tag" >> $GITHUB_STEP_SUMMARY
          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY
          echo "$VERSION" >> $GITHUB_STEP_SUMMARY
          echo "\`\`\`" >> $GITHUB_STEP_SUMMARY

      - name: 💬 Comment Version
        uses: peter-evans/create-or-update-comment@v4
        if: github.event.pull_request.merged == true
        with:
          issue-number: ${{ github.event.pull_request.number }}
          body: |
            Docker container is ready!

            VERSION:
            ```
            ${{ steps.push.outputs.VERSION }}
            ```

      - name: 👋 Logout
        run: 'docker logout'

  deploy-A-dev-kubernetes:
    if: github.event.pull_request.merged == true
    environment: dev
    needs: docker
    runs-on: ubuntu-latest
    steps:
      - name: 🚀 Trigger deployment to dev
        run: |
          curl --location --request POST '${{ secrets.ARD_DEPLOYMENT_HOST }}' \
          -s -w "%{http_code}\n" \
          --header 'Authorization: Basic ${{ secrets.ARD_DEPLOYMENT_TOKEN }}' \
          --form 'UMGEBUNG="dev"' \
          --form 'COMPONENT="eventhub-ingest"' \
          --form 'VERSION="${{ needs.docker.outputs.VERSION }}"'

  deploy-B-test-kubernetes:
    if: github.event.pull_request.merged == true
    environment: test
    needs: docker
    runs-on: ubuntu-latest
    steps:
      - name: 🚀 Trigger deployment to test
        run: |
          curl --location --request POST '${{ secrets.ARD_DEPLOYMENT_HOST }}' \
          -s -w "%{http_code}\n" \
          --header 'Authorization: Basic ${{ secrets.ARD_DEPLOYMENT_TOKEN }}' \
          --form 'UMGEBUNG="test"' \
          --form 'COMPONENT="eventhub-ingest"' \
          --form 'VERSION="${{ needs.docker.outputs.VERSION }}"'

  deploy-C-beta-kubernetes:
    if: github.event.pull_request.merged == true
    environment: beta
    needs: docker
    runs-on: ubuntu-latest
    steps:
      - name: 🚀 Trigger deployment to beta
        run: |
          curl --location --request POST '${{ secrets.ARD_DEPLOYMENT_HOST }}' \
          -s -w "%{http_code}\n" \
          --header 'Authorization: Basic ${{ secrets.ARD_DEPLOYMENT_TOKEN }}' \
          --form 'UMGEBUNG="beta"' \
          --form 'COMPONENT="eventhub-ingest"' \
          --form 'VERSION="${{ needs.docker.outputs.VERSION }}"'