.github/workflows/cicd.yml

---
name: build image

"on":
  push:
    branches: [main]

jobs:
  build:
    runs-on: ubuntu-20.04

    steps:
      - name: Checkout Codebase
        uses: actions/checkout@v4

      - name: Login to DockerHub
        run: echo "${{ secrets.DOCKERHUB_PASSWORD }}" | docker login -u "${{ secrets.DOCKERHUB_USERNAME }}" --password-stdin

      - name: Build Docker Image
        run: docker build -t "${{ secrets.IMAGE_NAME }}" .

      - name: Tag Docker Image
        run: docker tag "${{ secrets.IMAGE_NAME }}" "${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:latest"

      - name: Tag Docker Image with Commit SHA
        run: docker tag "${{ secrets.IMAGE_NAME }}" "${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ github.sha }}"

      - name: Push Image to DockerHub
        run: docker push "${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:latest"

      - name: Push Image with Commit SHA Tag
        run: docker push "${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ github.sha }}"

  deploy:
    needs: build
    runs-on: ubuntu-20.04

    defaults:
      run:
        shell: bash
        working-directory: ./terraform

    env:
      JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
      JIRA_ACCESS_TOKEN: ${{ secrets.JIRA_ACCESS_TOKEN }}
      JIRA_BOARD_ID: ${{ secrets.JIRA_BOARD_ID }}

      JIRA_PROJECT: ${{ secrets.JIRA_PROJECT }}
      JIRA_STORY_POINTS_CUSTOM_FIELD: ${{ secrets.JIRA_STORY_POINTS_CUSTOM_FIELD }}
      JIRA_REVIEWER_CUSTOM_FIELD: ${{ secrets.JIRA_REVIEWER_CUSTOM_FIELD }}

      NOTION_TOKEN: ${{ secrets.NOTION_TOKEN }}

      NOTION_SUBSCRIPTIONS_DATABASE_ID: ${{ secrets.NOTION_SUBSCRIPTIONS_DATABASE_ID }}
      NOTION_TRANSACTIONS_DATABASE_ID: ${{ secrets.NOTION_TRANSACTIONS_DATABASE_ID }}
      NOTION_ASSIGNED_ISSUES_DATABASE_ID: ${{ secrets.NOTION_ASSIGNED_ISSUES_DATABASE_ID }}
      NOTION_REVIEWER_ISSUES_DATABASE_ID: ${{ secrets.NOTION_REVIEWER_ISSUES_DATABASE_ID }}

      GOOGLE_CREDENTIALS: ${{ secrets.GCP_CREDENTIALS }}
      GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}

    steps:
      - name: Checkout Codebase
        uses: actions/checkout@v4

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v3

      - name: Setup terraform variables
        id: vars
        run: |-
          cat > pipeline.auto.tfvars <<EOF
          project_id="$GCP_PROJECT_ID"
          docker_image="${{ secrets.DOCKERHUB_USERNAME }}/${{ secrets.IMAGE_NAME }}:${{ github.sha }}"
          notion_token="$NOTION_TOKEN"
          notion_subscriptions_database_id="$NOTION_SUBSCRIPTIONS_DATABASE_ID"
          notion_transactions_database_id="$NOTION_TRANSACTIONS_DATABASE_ID"
          notion_assigned_issues_database_id="$NOTION_ASSIGNED_ISSUES_DATABASE_ID"
          notion_reviewer_issues_database_id="$NOTION_REVIEWER_ISSUES_DATABASE_ID"
          jira_base_url="$JIRA_BASE_URL"
          jira_access_token="$JIRA_ACCESS_TOKEN"
          jira_board_id="$JIRA_BOARD_ID"
          jira_project="$JIRA_PROJECT"
          jira_story_points_custom_field="$JIRA_STORY_POINTS_CUSTOM_FIELD"
          jira_reviewer_custom_field="$JIRA_REVIEWER_CUSTOM_FIELD"
          EOF

      - name: Terraform Init
        run: terraform init

      - name: Terraform Plan
        run: terraform plan -input=false

      - name: Terraform Apply
        run: terraform apply -auto-approve -input=false