.deploy.yml

name: .Deploys

on:
  workflow_call:
    inputs:
      ### Required
      # Nothing! Only `secrets: inherit` is required

      ### Typical / recommended
      aws_user_pools_web_client_id:
        description: AWS User Pools Web Client ID
        default: 7hpo4qa7j0hs0rkfl2pm0sto5k
        type: string
      batch_client_rfsh_api_tkn_op_secret_name:
        description: OP secret name for CLIENT API Token
        default: fom-client-app-api
        type: string
      db_testdata:
        description: Load test data into the database
        default: false
        type: boolean
      email_notify:
        description: Email address for notifications
        default: SIBIFSAF@victoria1.gov.bc.ca
        type: string
      environment:
        description: GitHub/OpenShift environment; usually PR number, test or prod
        type: string
      logout_chain_url:
        description: URL for logout chain
        default: https://logontest7.gov.bc.ca/clp-cgi/logoff.cgi?retnow=1&returl=https://dev.loginproxy.gov.bc.ca/auth/realms/standard/protocol/openid-connect/logout?redirect_uri=
        type: string
      tag:
        description: Container tag; usually PR number
        default: ${{ github.event.number }}
        type: string
      target:
        description: Deployment target; usually PR number, test or prod
        default: ${{ github.event.number }}
        type: string
      triggers:
        description: Paths to check for changes
        type: string
      url:
        description: URL for deployment, does not include path
        type: string

    outputs:
      tag:
        description: Container tag
        value: ${{ jobs.init.outputs.tag }}
      url:
        description: URL for deployment
        value: ${{ jobs.init.outputs.url }}

permissions: {}

jobs:
  init:
    name: Init
    environment: ${{ inputs.environment }}
    outputs:
      tag: ${{ steps.vars.outputs.tag }}
      url: ${{ steps.vars.outputs.url }}
    runs-on: ubuntu-24.04
    steps:
      # Get PR number - requires squash merges to main
      - name: PR Number
        id: pr
        if: inputs.tag == ''
        uses: bcgov/action-get-pr@v0.0.1

      - name: Vars
        id: vars
        run: |
          # Set variables
          if [ -z "${{ inputs.tag }}" ]; then
            echo "Creating tag"
            echo "tag=${{ steps.pr.outputs.pr }}"
            echo "tag=${{ steps.pr.outputs.pr }}" >> $GITHUB_OUTPUT
          else
            echo "Using tag parameter"
            echo "tag=${{ inputs.tag }}"
            echo "tag=${{ inputs.tag }}" >> $GITHUB_OUTPUT
          fi

          if [ -z "${{ inputs.url }}" ]; then
            echo "Creating URL"
            echo "url=fom-$(( ${{ inputs.target }} % 50 )).apps.silver.devops.gov.bc.ca"
            echo "url=fom-$(( ${{ inputs.target }} % 50 )).apps.silver.devops.gov.bc.ca" >> $GITHUB_OUTPUT
          else
            echo "Using URL parameter"
            echo "url=${{ inputs.url }}"
            echo "url=${{ inputs.url }}" >> $GITHUB_OUTPUT
          fi

      - name: OpenShift Init
        uses: bcgov/action-deployer-openshift@v3.0.1
        with:
          oc_namespace: ${{ vars.OC_NAMESPACE }}
          oc_server: ${{ vars.OC_SERVER }}
          oc_token: ${{ secrets.OC_TOKEN }}
          file: libs/openshift.init.yml
          overwrite: false
          parameters: -p ZONE=${{ inputs.target }}
          triggers: ${{ inputs.triggers }}

  deploy:
    name: Deploy
    environment: ${{ inputs.environment }}
    needs: [init]
    runs-on: ubuntu-24.04
    timeout-minutes: 10
    strategy:
      matrix:
        name: [api, admin, db, public]
        include:
          - name: api
            overwrite: true
            parameters:
              -p AWS_USER_POOLS_WEB_CLIENT_ID="${{ inputs.aws_user_pools_web_client_id }}"
              -p BATCH_CLIENT_RFSH_API_TKN_OP_SECRET_NAME="${{ inputs.batch_client_rfsh_api_tkn_op_secret_name }}"
              -p DB_TESTDATA=${{ inputs.db_testdata }}
              -p FOM_EMAIL_NOTIFY=${{ inputs.email_notify }}
              -p LOGOUT_CHAIN_URL="${{ inputs.logout_chain_url }}"
          - name: admin
            overwrite: true
          - name: db
            overwrite: false
          - name: public
            overwrite: true
    steps:
      - uses: bcgov/action-deployer-openshift@v3.0.1
        with:
          file: ${{ matrix.name }}/openshift.deploy.yml
          oc_namespace: ${{ vars.OC_NAMESPACE }}
          oc_server: ${{ vars.OC_SERVER }}
          oc_token: ${{ secrets.OC_TOKEN }}
          overwrite: ${{ matrix.overwrite }}
          parameters:
            -p ZONE=${{ inputs.target }} -p TAG=${{ needs.init.outputs.tag }}
            -p URL=${{ needs.init.outputs.url }} -p REPLICA_COUNT=1
            ${{ matrix.parameters }}
          triggers: ${{ inputs.triggers }}