on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  # Allow manual trigger
  workflow_dispatch:

env:
  REGISTRY: registrar.mattiaswiberg.com
  IMAGE_NAME: nextjs-slack-clone
  HELM_CHART_PATH: ./helm/nextjs-slack-clone
  NAMESPACE: default  # Change to your application's namespace

jobs:
  build-and-push:
    runs-on: microk8s
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          # Skip post-checkout step that requires node
          fetch-depth: 1
          submodules: recursive

      - name: Install Node.js
        run: |
          # Install Node.js which is required for the checkout action
          sudo apt-get update
          sudo apt-get install -y nodejs npm

      - name: Set up Docker Buildx
        run: |
          # Set up buildx for multi-platform builds
          docker buildx create --use

      - name: Login to Container Registry
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login ${{ env.REGISTRY }} -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
        
      # Generate a version tag based on commit hash
      - name: Generate version tag
        id: generate_tag
        run: |
          COMMIT_HASH=$(echo ${GITHUB_SHA} | cut -c1-7)
          VERSION_TAG="${COMMIT_HASH}"
          echo "VERSION_TAG=$VERSION_TAG" >> $GITHUB_OUTPUT
          # Also set latest tag for convenience
          echo "LATEST_TAG=latest" >> $GITHUB_OUTPUT

      # Build and push Docker image
      - name: Build and push
        run: |
          # Build the image
          docker build \
            --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.VERSION_TAG }} \
            --tag ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.LATEST_TAG }} \
            --build-arg NEXT_PUBLIC_SUPABASE_URL=${{ secrets.NEXT_PUBLIC_SUPABASE_URL }} \
            --build-arg NEXT_PUBLIC_SUPABASE_ANON_KEY=${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }} \
            .

          # Push the image with version tag and latest tag
          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.VERSION_TAG }}
          docker push ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.generate_tag.outputs.LATEST_TAG }}
    deploy:
    needs: build-and-push
    runs-on: microk8s
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          # Skip post-checkout step that requires node
          fetch-depth: 1
          submodules: recursive
      
      # Generate the same version tag as build-and-push job
      - name: Generate version tag
        id: generate_tag
        run: |
          COMMIT_HASH=$(echo ${GITHUB_SHA} | cut -c1-7)
          VERSION_TAG="${COMMIT_HASH}"
          echo "VERSION_TAG=$VERSION_TAG" >> $GITHUB_OUTPUT

      - name: Set up kubectl
        run: |
          # Install kubectl
          curl -LO "https://dl.k8s.io/release/stable.txt"
          KUBE_VERSION=$(cat stable.txt)
          curl -LO "https://dl.k8s.io/release/$KUBE_VERSION/bin/linux/amd64/kubectl"
          chmod +x kubectl
          mv kubectl /usr/local/bin/

      - name: Set up Helm
        run: |
          # Install Helm
          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
          chmod +x get_helm.sh
          ./get_helm.sh

      # Create kubeconfig using service account token
      - name: Configure kubeconfig from service account
        run: |
          # Create kubeconfig using service account token
          mkdir -p $HOME/.kube
          cat > $HOME/.kube/config <<EOF
          apiVersion: v1
          kind: Config
          clusters:
          - name: cluster
            cluster:
              server: ${{ secrets.K8S_SERVER_URL }}
              certificate-authority-data: ${{ secrets.K8S_CA_CERT }}
          users:
          - name: ci-deployer
            user:
              token: ${{ secrets.K8S_SA_TOKEN }}
          contexts:
          - name: default
            context:
              cluster: cluster
              user: ci-deployer
              namespace: ${{ env.NAMESPACE }}
          current-context: default
          EOF
          chmod 600 $HOME/.kube/config

      - name: Deploy with Helm
        run: |
          # Deploy using Helm with service account authentication
          helm upgrade --install nextjs-slack-clone ${{ env.HELM_CHART_PATH }} \
            --namespace ${{ env.NAMESPACE }} \
            --set image.tag=${{ steps.generate_tag.outputs.VERSION_TAG }} \
            --set registry.username=${{ secrets.REGISTRY_USERNAME }} \
            --set registry.password=${{ secrets.REGISTRY_PASSWORD }} \
            --set env.NEXT_PUBLIC_SUPABASE_URL=${{ secrets.NEXT_PUBLIC_SUPABASE_URL }} \
            --set env.NEXT_PUBLIC_SUPABASE_ANON_KEY=${{ secrets.NEXT_PUBLIC_SUPABASE_ANON_KEY }}