name: Deploy

on:
  push:
    branches: [main]

env:
  REGISTRY: git.kimchi
  IMAGE: git.kimchi/tas/major_tom
  NAMESPACE: jnr-web
  DEPLOYMENT: jnr-web

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        run: |
          git config --global http.https://git.kimchi.sslVerify false
          git clone --depth 1 https://${{ secrets.REGISTRY_USER }}:${{ secrets.REGISTRY_PASSWORD }}@git.kimchi/tas/major_tom.git .

      - name: Build and push container image
        run: |
          IMAGE_TAG="${{ env.IMAGE }}:sha-${GITHUB_SHA::8}"
          IMAGE_LATEST="${{ env.IMAGE }}:latest"

          buildah bud -f Containerfile -t "$IMAGE_TAG" -t "$IMAGE_LATEST" .
          buildah login --tls-verify=false "${{ env.REGISTRY }}" -u "${{ secrets.REGISTRY_USER }}" -p "${{ secrets.REGISTRY_PASSWORD }}"
          buildah push --tls-verify=false "$IMAGE_TAG"
          buildah push --tls-verify=false "$IMAGE_LATEST"

          echo "IMAGE_TAG=$IMAGE_TAG" >> "$GITHUB_ENV"

      - name: Deploy to k3s
        run: |
          mkdir -p ~/.kube
          echo "${{ secrets.KUBECONFIG }}" > ~/.kube/config
          chmod 600 ~/.kube/config

          kubectl set image deployment/${{ env.DEPLOYMENT }} \
            ${{ env.DEPLOYMENT }}="${{ env.IMAGE_TAG }}" \
            -n ${{ env.NAMESPACE }}

          kubectl rollout status deployment/${{ env.DEPLOYMENT }} \
            -n ${{ env.NAMESPACE }} --timeout=60s