docker-build.yml
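# Runs after the "Django tests" workflow completes on dev or main: optionally
# rebuilds and pushes the Docker image, then deploys with Ansible over SSH.
name: Build and deploy
run-name: "[${{ github.event.workflow_run.head_branch }}] ${{ github.event.workflow_run.head_commit.message }}"

on:
  workflow_run:
    workflows: ["Django tests"]
    types:
      - completed
    branches:
      - dev
      - main

# Least privilege for GITHUB_TOKEN: both jobs only need to read the repository.
permissions:
  contents: read

# NOTE(review): the actions below are referenced by mutable major-version tags.
# Pinning each `uses:` to a full commit SHA would prevent a retagged release
# from running in jobs that hold registry and SSH credentials.

jobs:
  build:
    runs-on: ubuntu-latest
    # Build only for push-triggered test runs that concluded successfully.
    if: ${{ github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' }}
    environment: build
    concurrency:
      group: deploy-group-${{ github.event.workflow_run.head_branch }}
      cancel-in-progress: true
    env:
      # Event data is passed through the environment instead of being expanded
      # into script text, so it can never be parsed as shell syntax.
      HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
    steps:
      # NOTE(review): this checks out the branch tip, which may have moved
      # since the tested commit; github.event.workflow_run.head_sha identifies
      # the commit the tests actually ran against.
      - name: Checkout code
        uses: actions/checkout@v2
        with:
          ref: ${{ github.event.workflow_run.head_branch }}
      - run: git branch
      # Debug only: prints the runner environment to the job log. Do not map
      # secrets into job-level env while this step exists.
      - run: env
      - name: Debug github refs
        run: |
          echo "github.event.workflow_run.head_branch = $HEAD_BRANCH"
      # NOTE(review): this diffs the working tree against the branch that was
      # just checked out, which appears to always be empty. Confirm the
      # intended base revision (it may also need a deeper fetch-depth).
      - name: Check if Dockerfile or requirements.txt was changed
        id: check_dependencies
        run: |
          if git diff --name-only "$HEAD_BRANCH" | grep -q -e 'Dockerfile' -e 'requirements.txt'; then
            echo "Dockerfile or requirements.txt changed"
            # Was `echo echo "updated=true"`, which wrote the key
            # "echo updated" and left outputs.updated unset.
            echo "updated=true" >> "$GITHUB_OUTPUT"
          else
            echo "Dockerfile or requirements.txt not changed"
            echo "updated=false" >> "$GITHUB_OUTPUT"
          fi
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2
        if: steps.check_dependencies.outputs.updated == 'true'
      - name: Log in to DockerHub
        uses: docker/login-action@v2
        if: steps.check_dependencies.outputs.updated == 'true'
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build Docker image
        if: steps.check_dependencies.outputs.updated == 'true'
        env:
          DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }}
        run: docker build -t "${DOCKER_IMAGE}:latest" .
      - name: Push Docker image
        if: steps.check_dependencies.outputs.updated == 'true'
        env:
          DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }}
        run: docker push "${DOCKER_IMAGE}:latest"

  deploy:
    runs-on: ubuntu-latest
    environment: deployment
    concurrency:
      group: deploy-group-${{ github.event.workflow_run.head_branch }}
      cancel-in-progress: true
    needs: build
    # The build job is skipped only when the triggering run was not a
    # successful push run, so a skipped build must never lead to a deployment.
    # The gate is repeated here so this job does not depend on how a skipped
    # dependency is evaluated. A build job whose Docker steps were skipped
    # still reports 'success'.
    if: ${{ github.event.workflow_run.event == 'push' && github.event.workflow_run.conclusion == 'success' && needs.build.result == 'success' }}
    steps:
      # NOTE(review): as in the build job, consider checking out
      # github.event.workflow_run.head_sha so the deployed tree is exactly the
      # commit that passed the tests.
      - name: Checkout Repository
        uses: actions/checkout@v2
        with:
          ref: ${{ github.event.workflow_run.head_branch }}
      - name: Set up Python
        uses: actions/setup-python@v2
        with:
          python-version: '3.11'
      # NOTE(review): ansible is installed unpinned; a pinned version (ideally
      # with hashes) keeps a new or compromised release out of the job that
      # holds the deployment SSH key.
      - name: Install Ansible
        run: |
          python -m pip install --upgrade pip
          pip install ansible
      - name: Install ssh keys
        # For reference: https://stackoverflow.com/a/70447517
        # Secrets are passed via env rather than expanded into the script, so
        # their contents are never interpreted by the shell.
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          SSH_KNOWN_HOSTS: ${{ secrets.SSH_KNOWN_HOSTS }}
        run: |
          # Create the key file with mode 600 before any key material is written.
          install -m 600 -D /dev/null ~/.ssh/galaxy
          echo "$SSH_PRIVATE_KEY" > ~/.ssh/galaxy
          echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
      - name: Run Ansible Playbook
        run: |
          # main deploys production; any other branch uses the dev playbook.
          if [ "$HEAD_BRANCH" = "main" ]; then
            PLAYBOOK=prod.yml
          else
            PLAYBOOK=dev.yml
          fi
          cd ansible
          ansible-playbook -i hosts "$PLAYBOOK" --tags update
        env:
          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
          # Host key checking stays on so the known_hosts file installed above
          # is enforced; with it off, the SSH session could be intercepted
          # unnoticed. SSH_KNOWN_HOSTS must hold the targets' current host keys.
          ANSIBLE_HOST_KEY_CHECKING: 'True'
          ANSIBLE_REMOTE_USER: ${{ secrets.SSH_USER }}
          ANSIBLE_PRIVATE_KEY_FILE: ~/.ssh/galaxy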