name: deploy admin

on:
  push:
    branches:
      - main
      - canary
    paths:
      - fluxer_admin/**
      - .github/workflows/deploy-admin.yaml
  workflow_dispatch:
    inputs:
      channel:
        type: choice
        options:
          - stable
          - canary
        default: stable
        description: Release channel to deploy
      ref:
        type: string
        required: false
        default: ''
        description: Optional git ref (defaults to the triggering branch)

concurrency:
  group: deploy-fluxer-admin-${{ github.event_name == 'workflow_dispatch' && inputs.channel || (github.ref_name == 'canary' && 'canary') || 'stable' }}
  cancel-in-progress: true

permissions:
  contents: read
jobs:
  channel-vars:
    uses: ./.github/workflows/channel-vars.yaml
    with:
      github_event_name: ${{ github.event_name }}
      github_ref_name: ${{ github.ref_name }}
      workflow_dispatch_channel: ${{ github.event_name == 'workflow_dispatch' && inputs.channel || '' }}

  deploy:
    name: Deploy admin
    needs: channel-vars
    runs-on: blacksmith-8vcpu-ubuntu-2404
    timeout-minutes: 25
    env:
      CHANNEL: ${{ needs.channel-vars.outputs.channel }}
      IS_CANARY: ${{ needs.channel-vars.outputs.is_canary }}
      STACK_SUFFIX: ${{ needs.channel-vars.outputs.stack_suffix }}
      STACK: ${{ format('fluxer-admin{0}', needs.channel-vars.outputs.stack_suffix) }}
      CACHE_SCOPE: ${{ format('deploy-fluxer-admin{0}', needs.channel-vars.outputs.stack_suffix) }}
      CADDY_DOMAIN: ${{ needs.channel-vars.outputs.is_canary == 'true' && 'admin.canary.fluxer.app' || 'admin.fluxer.app' }}
      REPLICAS: ${{ needs.channel-vars.outputs.is_canary == 'true' && 1 || 2 }}
      RELEASE_CHANNEL: ${{ needs.channel-vars.outputs.channel }}
    steps:
      - uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || '' }}
          fetch-depth: 0

      - name: Record deploy commit
        run: python3 scripts/ci/workflows/deploy_admin.py --step record_deploy_commit

      - name: Set build timestamp
        run: python3 scripts/ci/workflows/deploy_admin.py --step set_build_timestamp

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      - name: Build image
        uses: docker/build-push-action@v6
        with:
          context: .
          file: fluxer_admin/Dockerfile
          tags: ${{ env.STACK }}:${{ env.DEPLOY_SHA }}
          load: true
          platforms: linux/amd64
          cache-from: type=gha,scope=${{ env.CACHE_SCOPE }}
          cache-to: type=gha,mode=max,scope=${{ env.CACHE_SCOPE }}
          build-args: |
            BUILD_SHA=${{ env.DEPLOY_SHA }}
            BUILD_NUMBER=${{ github.run_number }}
            BUILD_TIMESTAMP=${{ env.BUILD_TIMESTAMP }}
            RELEASE_CHANNEL=${{ env.RELEASE_CHANNEL }}
        env:
          DOCKER_BUILD_SUMMARY: false
          DOCKER_BUILD_RECORD_UPLOAD: false

      - name: Install docker-pussh
        run: python3 scripts/ci/workflows/deploy_admin.py --step install_docker_pussh

      - name: Set up SSH agent
        uses: webfactory/ssh-agent@v0.9.1
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_SERVER }}

      - name: Add server to known hosts
        run: python3 scripts/ci/workflows/deploy_admin.py --step add_known_hosts --server-ip ${{ secrets.SERVER_IP }}

      - name: Push image and deploy
        env:
          IMAGE_TAG: ${{ env.STACK }}:${{ env.DEPLOY_SHA }}
          SERVER: ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }}
          STACK: ${{ env.STACK }}
          CADDY_DOMAIN: ${{ env.CADDY_DOMAIN }}
          REPLICAS: ${{ env.REPLICAS }}
        run: python3 scripts/ci/workflows/deploy_admin.py --step push_and_deploy