name: Build and Deploy

on:
  push:
    branches: [main]
  workflow_dispatch:

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    container:
      image: quay.io/buildah/stable
    steps:
      - name: Checkout
        run: |
          git clone --depth 1 --branch "${{ github.ref_name }}" "${{ github.server_url }}/${{ github.repository }}.git" .
          git checkout "${{ github.sha }}"

      - name: Build image
        run: |
          IMAGE=harbor.scottyah.com/scottyah/blog
          buildah --isolation chroot bud -t $IMAGE:${{ github.sha }} -t $IMAGE:latest .

      - name: Debug secrets
        run: |
          echo "HARBOR_USERNAME length: ${#HARBOR_USERNAME}"
          echo "HARBOR_PASSWORD length: ${#HARBOR_PASSWORD}"
        env:
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}

      - name: Push image
        run: |
          IMAGE=harbor.scottyah.com/scottyah/blog
          buildah login --tls-verify=false -u "$HARBOR_USERNAME" -p "$HARBOR_PASSWORD" harbor.scottyah.com
          buildah --isolation chroot push --tls-verify=false $IMAGE:${{ github.sha }}
          buildah --isolation chroot push --tls-verify=false $IMAGE:latest
        env:
          HARBOR_USERNAME: ${{ secrets.HARBOR_USERNAME }}
          HARBOR_PASSWORD: ${{ secrets.HARBOR_PASSWORD }}

      - name: Deploy
        run: |
          curl -LO "https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
          chmod +x kubectl
          mkdir -p ~/.kube
          echo "${{ secrets.KUBECONFIG_DATA }}" | base64 -d > ~/.kube/config
          sed -i "s|harbor.scottyah.com/scottyah/blog:latest|harbor.scottyah.com/scottyah/blog:${{ github.sha }}|" k8s.yaml
          ./kubectl apply -f k8s.yaml
          ./kubectl rollout status deployment/blog-dep -n blog --timeout=120s