name: Visitenbuch CI
on:
  push:
    branches:
      - "main"
    tags:
      - "v*"
  pull_request:

jobs:
  test:
    runs-on: cimaster-latest
    services:
      postgres:
        image: postgres
        env:
          POSTGRES_DB: "test"
          POSTGRES_PASSWORD: "1234"
      oidc:
        image: thetadev256/oidc-mock-server
        env:
          CLIENT_ID: visitenbuch
          CLIENT_SECRET: supersecret
          CLIENT_REDIRECT_URIS: http://localhost:4173/auth/callback/keycloak
          CLIENT_LOGOUT_REDIRECT_URIS: http://localhost:4173/login?noAuto=1
          ISSUER_HOST: oidc:3000
    env:
      DATABASE_URL: "postgresql://postgres:1234@postgres:5432/test?schema=public"
      TEST_DATABASE_URL: "postgresql://postgres:1234@postgres:5432/test?schema=public"
      KEYCLOAK_ISSUER: http://oidc:3000
      KEYCLOAK_LOGOUT: http://oidc:3000/session/end
    steps:
      - name: 👁️ Checkout repository
        uses: actions/checkout@v4
      - name: 📦 pnpm install
        run: |
          pnpm install
          cp .env.test .env
      - name: 🧐 lint
        run: |
          pnpm run check
          pnpm run lint
      - name: 🧪 Unit test
        run: pnpm run test:unit
      - name: 🧪 Integration test
        run: |
          npx prisma migrate reset --force
          pnpm run test:integration
      - name: 👨‍🔬 E2E test
        id: e2etest
        run: |
          pnpm run build -l silent
          npx playwright install chromium
          pnpm run test:e2e
      - name: 💢 Upload E2E report
        if: ${{ failure() && steps.e2etest.conclusion == 'failure' }}
        uses: https://code.forgejo.org/forgejo/upload-artifact@v4
        with:
          name: playwright-report
          path: playwright-report

  release:
    runs-on: cimaster-latest
    needs: test
    if: ${{ startsWith(github.ref, 'refs/tags/v') }}
    # if: ${{ github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v') }}
    steps:
      - name: 👁️ Checkout repository
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # important to fetch tag logs

      - name: 📦 pnpm install
        run: pnpm install
      - name: ⚒️ Build web application
        run: pnpm run build
      - name: 🐋 Build docker image
        uses: https://code.thetadev.de/ThetaDev/action-kaniko@v1
        with:
          image: thetadev256/visitenbuch
          username: thetadev256
          password: ${{ secrets.DOCKER_TOKEN }}
          tag: ${{ github.ref_name }}
          tag_with_latest: ${{ startsWith(github.ref, 'refs/tags/v') }}
          platforms: "linux/amd64,linux/arm64"

      - name: Get changelog
        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
        run: |
          {
            echo 'CHANGELOG<<END_OF_FILE'
            git show -s --format=%N "${{ github.ref }}" | tail -n +4 | awk 'BEGIN{RS="-----BEGIN PGP SIGNATURE-----"} NR==1{printf $0}'
            echo END_OF_FILE
          } >> "$GITHUB_ENV"
      - name: 🎉 Publish release
        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
        uses: https://gitea.com/actions/release-action@main
        with:
          title: "Visitenbuch ${{ github.ref_name }}"
          body: "${{ env.CHANGELOG }}"

      - name: 🚀 Deploy to server
        if: ${{ startsWith(github.ref, 'refs/tags/v') }}
        run: |
          curl -s -H "Authorization: Bearer ${{ secrets.THETADEV_DE_WATCHTOWER_TOKEN }}" https://watchtower.thetadev.de/v1/update