name: Build and Deploy

on:
  push:
    branches: [main]
  workflow_dispatch:

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    container:
      image: harbor.scottyah.com/quay-cache/buildah/stable
    steps:
      - name: Checkout
        run: |
          git clone --depth 1 --branch "${{ github.ref_name }}" "https://x-access-token:${{ github.token }}@git.scottyah.com/${{ github.repository }}.git" .
          git checkout "${{ github.sha }}"

      - name: Build image
        run: |
          IMAGE=harbor.scottyah.com/secure/awards
          buildah --isolation chroot bud -t $IMAGE:${{ github.sha }} -t $IMAGE:latest .

      - name: Push image
        run: |
          IMAGE=harbor.scottyah.com/secure/awards
          buildah login --tls-verify=false -u "$HARBOR_USERNAME" -p "$HARBOR_PASSWORD" harbor.scottyah.com
          buildah push --tls-verify=false $IMAGE:${{ github.sha }}
          buildah push --tls-verify=false $IMAGE:latest
        env:
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}

      - name: Deploy
        run: |
          curl -sLO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
          chmod +x kubectl
          mkdir -p ~/.kube
          echo "${{ secrets.KUBECONFIG_DATA }}" | base64 -d > ~/.kube/config
          sed -i "s|harbor.scottyah.com/secure/awards:latest|harbor.scottyah.com/secure/awards:${{ github.sha }}|" k8s.yaml
          ./kubectl apply -f k8s.yaml
          ./kubectl rollout status deployment/awards-dep -n awards --timeout=120s