.github/workflows/ci.yml

name: CI

on:
  push:
    branches:
      - master
  pull_request:
    branches:
      - master
      - next-prod

jobs:

  add_review_links:
    runs-on: ubuntu-22.04
    timeout-minutes: 3
    steps:
      - uses: actions/checkout@v4
      - name: Add review links
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
        run: scripts/github_add_link_for_reviews.sh

  build_and_test_local_api:
    runs-on: ubuntu-22.04
    timeout-minutes: 15
    steps:
      # - run: docker system prune --all --force --volumes
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
        with:
          node-version: '18'
          cache: npm
          cache-dependency-path: ui/package-lock.json
      - name: Log into Docker hub
        env:
          DOCKERHUB_USERNAME: ${{secrets.DOCKERHUB_USERNAME}}
          DOCKERHUB_PASSWORD: ${{secrets.DOCKERHUB_PASSWORD}}
        run: |
          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
      - run: docker pull rust:1.63
      - name: Run local api tests
        run: make acceptance

  build_and_deploy_api:
    runs-on: ubuntu-22.04
    timeout-minutes: 15
    steps:
      # - run: docker system prune --all --force --volumes
      - uses: actions/checkout@v4
      - name: Log into Docker hub
        env:
          DOCKERHUB_USERNAME: ${{secrets.DOCKERHUB_USERNAME}}
          DOCKERHUB_PASSWORD: ${{secrets.DOCKERHUB_PASSWORD}}
        run: |
          docker login -u $DOCKERHUB_USERNAME -p $DOCKERHUB_PASSWORD
      # Make sure we are building and deploying image with latest security fixes
      - run: docker pull rust:1.63
      - run: docker pull alpine:3.16
      - name: Build api
        run: make build_api
      - name: Push to docker hub and deploy to dev
        env:
          AWS_DEFAULT_REGION: ${{secrets.AWS_DEFAULT_REGION}}
          AWS_ACCESS_KEY_ID: ${{secrets.FARGATE_API_AWS_ACCESS_KEY_ID}}
          AWS_SECRET_ACCESS_KEY: ${{secrets.FARGATE_API_AWS_SECRET_ACCESS_KEY}}
          NGM_ARGOCD_DEPLOYKEY: ${{secrets.NGM_ARGOCD_DEPLOYKEY}}
        run: |
          if [[ ${{github.ref}} == "refs/heads/master" ]]
          then
            docker push camptocamp/swissgeol_api:latest
            mkdir myspace
            chmod go-rwx myspace
            echo -n $NGM_ARGOCD_DEPLOYKEY | base64 -d > myspace/id_key
            chmod go-rwx myspace/id_key
            ssh-keygen -l -f myspace/id_key
            export GIT_SSH_COMMAND="ssh -i `pwd`/myspace/id_key -F none -o StrictHostKeyChecking=off"
            $GIT_SSH_COMMAND git@git.swisstopo.admin.ch
            git config --global user.email "swissgeol-ci-bot@camptocamp.com"
            git config --global user.name "Swissgeol repo CI bot"
            scripts/deploy-to-env.sh dev
          fi

  build_and_deploy_ui:
    runs-on: ubuntu-22.04
    timeout-minutes: 24
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v3
        with:
          node-version: '18'
          cache: npm
          cache-dependency-path: ui/package-lock.json

      - name: Npm setup
        run: cd ui && npm ci && du -sh node_modules

      - name: Lint
        run: cd ui && npm run lint

      - name: Test
        run: cd ui && npm run test

      - name: Cypress run
        uses: cypress-io/github-action@v4
        with:
          command: npm run test:e2e
          working-directory: ui

      - name: Build
        run: export RELEASE_NAME="${scripts/get_github_name.sh}"; echo $RELEASE_NAME; cd ui; npm run build

      - name: Deploy to S3
        env:
          AWS_REGION: "eu-west-1"
          AWS_ACCESS_KEY_ID: ${{secrets.AWS_ACCESS_KEY_ID}}
          AWS_SECRET_ACCESS_KEY: ${{secrets.AWS_SECRET_ACCESS_KEY}}
        run: |
          if [[ ${{github.ref}} == "refs/heads/master" ]]
          then
            cd ui; scripts/deploy_to_s3.sh dev
          elif [[ $GITHUB_EVENT_NAME == "pull_request" ]]
          then
            cd ui; scripts/deploy_to_s3.sh review $GITHUB_HEAD_REF
          fi

      - name: Notify sentry
        env:
          SENTRY_AUTH_TOKEN: ${{secrets.SENTRY_AUTH_TOKEN}}
        run: cd ui; scripts/sentry_upload.sh