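# Backend pipeline: lint the Helm chart, run tests + Sonar analysis, build and
# push the container image with Jib, then deploy the chart to Kubernetes
# through a cloudflared TCP tunnel.
#
# Hardening applied in this file:
#   * secrets and job outputs reach shell steps through `env:` and are expanded
#     as quoted shell variables, never pasted into the script text with
#     `${{ ... }}` (a value containing quotes, `$` or backticks would otherwise
#     be parsed by the shell);
#   * GITHUB_TOKEN is restricted to read-only repository contents;
#   * the cloudflared download fails closed on HTTP errors and is HTTPS-only.
#
# NOTE(review): third-party actions are referenced by mutable tag (`@v4`).
# Pinning each `uses:` to a full commit SHA protects against a retagged release.
name: "Backend"

on:
  workflow_dispatch:
  push:
    branches:
      - main
    paths:
      - '.github/workflows/backend-on_push.yaml'
      - 'helm/**'
      - 'src/**'
      - 'pom.xml'

# Least privilege for GITHUB_TOKEN: the visible steps only check out the
# repository. Widen per job if ./.github/actions/setup-helm needs more.
permissions:
  contents: read

env:
  # NOTE(review): these Maven repository credentials are exported to every job,
  # including `helm` and `k8s`, whose visible steps never invoke Maven.
  # Consider moving them to job-level `env:` on `tests` and `docker`.
  SERVER_USERNAME: ${{ secrets.USERNAME }}
  SERVER_PASSWORD: ${{ secrets.TOKEN }}
  PROJECT: anibozu

jobs:
  helm:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup helm
        uses: ./.github/actions/setup-helm
        with:
          # NOTE(review): `helm lint helm` below works on the local chart
          # directory; confirm whether this job needs cluster credentials.
          kube-config-data: ${{ secrets.KUBECTL_CONFIG }}
      - name: Validate helm chart
        shell: bash
        run: helm lint helm

  tests:
    runs-on: ubuntu-latest
    needs: helm
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Set up Java
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'zulu'
          server-id: anime-project
          # These are the NAMES of environment variables that the generated
          # Maven settings.xml reads at build time, not the credentials.
          server-username: SERVER_USERNAME
          server-password: SERVER_PASSWORD
      - name: Cache maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ hashFiles('**/pom.xml') }}
      - name: Tests and Sonar
        shell: bash
        env:
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
          SONAR_PROJECTKEY: ${{ secrets.SONAR_PROJECTKEY }}
          SONAR_ORGANIZATION: ${{ secrets.SONAR_ORGANIZATION }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          # NOTE(review): the skip decision is keyed only on the commit
          # subject, which the committer chooses; anyone able to push to main
          # can bypass tests and analysis. Consider gating on the triggering
          # event or actor instead.
          skip_tests_message="[microservices] set parent version"
          current_commit_message=$(git log -1 --pretty=format:%s)
          if [[ "${skip_tests_message}" == "${current_commit_message}" ]]; then
            echo "Tests have been run during [EVENT] parent-ms-released"
            echo "Will skip tests and push to Sonar"
          else
            echo "Regular commit, will run tests and push to Sonar"
            # NOTE(review): -Dsonar.token still places the token in the mvn
            # argument list. The scanner is documented to read SONAR_TOKEN
            # from the environment; confirm for the plugin version in pom.xml
            # and drop the flag if so.
            mvn clean package && mvn sonar:sonar \
              -Dsonar.host.url="${SONAR_HOST_URL}" \
              -Dsonar.projectKey="${SONAR_PROJECTKEY}" \
              -Dsonar.organization="${SONAR_ORGANIZATION}" \
              -Dsonar.token="${SONAR_TOKEN}"
          fi

  docker:
    runs-on: ubuntu-latest
    needs: tests
    outputs:
      image-tag: ${{ steps.build-and-push-image.outputs.image-tag }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Set up Java
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'zulu'
          server-id: anime-project
          # Environment variable names, resolved by Maven at build time.
          server-username: SERVER_USERNAME
          server-password: SERVER_PASSWORD
      - name: Cache maven dependencies
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: ${{ hashFiles('**/pom.xml') }}
      - name: Build and Push image
        id: build-and-push-image
        shell: bash
        env:
          # Registry credentials are scoped to this step only.
          CONTAINER_REGISTRY_USER: ${{ secrets.CONTAINER_REGISTRY_USER }}
          CONTAINER_REGISTRY_PASS: ${{ secrets.CONTAINER_REGISTRY_PASS }}
        run: |
          # Image tag = short commit hash + architecture declared in the POM.
          commit_hash=$(git rev-parse --short HEAD)
          image_architecture=$(mvn help:evaluate -Dexpression=image.architecture -q -DforceStdout)
          version="${commit_hash}-${image_architecture}"
          mvn clean compile jib:build -Dto.image.version="${version}"
          echo "image-tag=${version}" >> "$GITHUB_OUTPUT"

  k8s:
    runs-on: ubuntu-latest
    needs: docker
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup helm
        uses: ./.github/actions/setup-helm
        with:
          kube-config-data: ${{ secrets.KUBECTL_CONFIG }}
      - name: Setup cloudflared
        shell: bash
        run: |
          # NOTE(review): the version string suggests an early-2024 release;
          # review it against upstream security fixes.
          version="2024.1.5"
          target_os="linux"
          target_arch="amd64"
          download_url="https://github.com/cloudflare/cloudflared/releases/download/${version}/cloudflared-${target_os}-${target_arch}"
          tmp_bin="$(mktemp)"
          # --fail aborts on an HTTP error instead of saving the error page as
          # the binary; --proto/--proto-redir keep every hop on HTTPS.
          curl --fail --silent --show-error --location \
            --proto '=https' --proto-redir '=https' \
            "${download_url}" -o "${tmp_bin}"
          # TODO(security): this binary is installed as root and later carries
          # the cluster connection. Verify it against a pinned SHA-256 recorded
          # for this exact release (sha256sum -c) before installing.
          sudo install -m 0755 "${tmp_bin}" /usr/bin/cloudflared
          rm -f "${tmp_bin}"
          cloudflared -v
      - name: Create a tcp connection
        shell: bash
        env:
          K8S_HOST: ${{ secrets.K8S_HOST }}
        # Background tunnel: local 127.0.0.1:1234 forwards to the cluster host.
        run: nohup cloudflared access tcp --hostname "${K8S_HOST}" --url 127.0.0.1:1234 &
      - name: Deploy to k8s
        shell: bash
        env:
          # Route helm's API traffic through the cloudflared tunnel.
          HTTPS_PROXY: "socks5://127.0.0.1:1234"
          IMAGE_TAG: ${{ needs.docker.outputs.image-tag }}
          LIMIT_WHITELIST: ${{ secrets.LIMIT_WHITELIST }}
        run: |
          helm upgrade --install --set image.tag="${IMAGE_TAG}" \
            --set ingress.annotations."nginx\.ingress\.kubernetes\.io/limit-whitelist"="${LIMIT_WHITELIST}" \
            "${PROJECT}" helm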