.github/workflows/deploy_onboarding_ms.yml

name: Deploy onboarding ms

# Controls when the workflow will run
on:
  pull_request:
    branches:
      - develop
    types: [ closed ]
    paths:
      - 'onboarding-ms/**'

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
    inputs:
      environment:
        required: true
        type: choice
        description: Select the Environment
        options:
          - dev
          - uat
          - prod

permissions:
  packages: write
  contents: write
  issues: write
  id-token: write
  deployments: write

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  setup:
    name: Setup
    # The type of runner that the job will run on
    runs-on: ubuntu-latest
    outputs:
      environment: ${{ steps.setvars.outputs.environment }}

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      - name: pull request rejected
        if: github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged != true
        run: |
          echo "❌ PR was closed without a merge"
          exit 1

      - name: Set variables
        id: setvars
        run: |
          if [[ "${{inputs.environment}}" != null ]]
          then
            echo "environment=${{inputs.environment}}" >> $GITHUB_OUTPUT

          else
            if [[ "${{github.base_ref}}" == "master" || "${{github.ref}}" == "refs/heads/master" ]]; then
              echo "environment=prod" >> $GITHUB_OUTPUT
            fi

            if [[ "${{github.base_ref}}" == "develop" || "${{github.ref}}" == "refs/heads/develop" ]]; then
              echo "environment=uat" >> $GITHUB_OUTPUT
            fi
          fi

  image:
    needs: [ setup ]
    name: Build and Push Docker Image
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.ref_name }}

      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: 'temurin'

      - name: Build project with Maven
        run: mvn -B package --file onboarding-ms/pom.xml

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v4.3.0
        with:
          images: ghcr.io/${{ github.repository }}-ms
          tags: |
            latest
            type=ref,event=branch
            type=sha

      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: ./onboarding-ms
          file: ./onboarding-ms/src/main/docker/Dockerfile.jvm 
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          secrets: |
            GH_TOKEN=${{ secrets.READ_PACKAGES_TOKEN }}

  deploy:
    name: Deploy to container app
    runs-on: ubuntu-latest
    needs: [setup,image]
    environment: ${{needs.setup.outputs.environment}}

    env:
      YAML_FILE_PATH: '${{ github.workspace }}/onboarding-ms/deploy-image-container-app.yaml'

    steps:
      - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
        with:
          ref: ${{ github.ref_name }}
      # Log in to Azure CLI
      - name: Log in to Azure
        uses: azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
        with:
          client-id: ${{ secrets.CLIENT_ID }}
          tenant-id: ${{ secrets.TENANT_ID }}
          subscription-id: ${{ secrets.SUBSCRIPTION_ID }}

      - name: Update values in YAML configuration file
        shell: pwsh
        run: |
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$SUBSCRIPTION_ID$', '${{ secrets.SUBSCRIPTION_ID }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$RESOURCE_GROUP$', '${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_RESOURCE_GROUP_NAME }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$CONTAINER_APP_ENV$', '${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_NAME }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$JWT_PUBLIC_KEY$', '${{ secrets.JWT_PUBLIC_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$MONGODB_CONNECTION_URI$', '${{ secrets.MONGODB_CONNECTION_URI }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$USER_REGISTRY_API_KEY$', '${{ secrets.USER_REGISTRY_API_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$USER_REGISTRY_URL$', '${{ vars.USER_REGISTRY_URL }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_FUNCTIONS_API_KEY$', '${{ secrets.ONBOARDING_FUNCTIONS_API_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_FUNCTIONS_URL$', '${{ vars.ONBOARDING_FUNCTIONS_URL }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_ALLOWED_INSTITUTIONS_PRODUCTS$', '${{ vars.ONBOARDING_ALLOWED_INSTITUTIONS_PRODUCTS }}') | Set-Content ${{ env.YAML_FILE_PATH }}


      # Build and deploy the container app
      - name: Build and deploy Container App
        uses: azure/container-apps-deploy-action@v1
        with:
          containerAppName: selc-onboarding-ms
          containerAppEnvironment: ${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_NAME }}
          resourceGroup: ${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_RESOURCE_GROUP_NAME }}
          yamlConfigPath: ${{ env.YAML_FILE_PATH }}

  deploy_dev:
    name: Deploy to container app DEV
    runs-on: ubuntu-latest
    needs: [setup,image]
    if: "${{ needs.setup.outputs.environment }} == 'uat' "
    environment: dev

    env:
      YAML_FILE_PATH: '${{ github.workspace }}/onboarding-ms/deploy-image-container-app.yaml'

    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.ref_name }}
          
      # Log in to Azure CLI
      - name: Log in to Azure
        uses: azure/login@v1
        with:
          client-id: ${{ secrets.CLIENT_ID }}
          tenant-id: ${{ secrets.TENANT_ID }}
          subscription-id: ${{ secrets.SUBSCRIPTION_ID }}

      - name: Update values in YAML configuration file
        shell: pwsh
        run: |
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$SUBSCRIPTION_ID$', '${{ secrets.SUBSCRIPTION_ID }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$RESOURCE_GROUP$', '${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_RESOURCE_GROUP_NAME }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$CONTAINER_APP_ENV$', '${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_NAME }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$JWT_PUBLIC_KEY$', '${{ secrets.JWT_PUBLIC_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$MONGODB_CONNECTION_URI$', '${{ secrets.MONGODB_CONNECTION_URI }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$USER_REGISTRY_API_KEY$', '${{ secrets.USER_REGISTRY_API_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$USER_REGISTRY_URL$', '${{ vars.USER_REGISTRY_URL }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_FUNCTIONS_API_KEY$', '${{ secrets.ONBOARDING_FUNCTIONS_API_KEY }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_FUNCTIONS_URL$', '${{ vars.ONBOARDING_FUNCTIONS_URL }}') | Set-Content ${{ env.YAML_FILE_PATH }}
          (Get-Content ${{ env.YAML_FILE_PATH }}).Replace('$ONBOARDING_ALLOWED_INSTITUTIONS_PRODUCTS$', '${{ vars.ONBOARDING_ALLOWED_INSTITUTIONS_PRODUCTS }}') | Set-Content ${{ env.YAML_FILE_PATH }}


      # Build and deploy the container app
      - name: Build and deploy Container App
        uses: azure/container-apps-deploy-action@v1
        with:
          containerAppName: selc-onboarding-ms
          containerAppEnvironment: ${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_NAME }}
          resourceGroup: ${{ vars.CONTAINER_APP_SELC_ENVIRONMENT_RESOURCE_GROUP_NAME }}
          yamlConfigPath: ${{ env.YAML_FILE_PATH }}