.github/workflows/release.yml

name: Deploy on release

on:
  release:
    types: [published]
jobs:
  unit-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - uses: actions/checkout@v4
      - run: npm --prefix webapp ci
      - run: npm --prefix webapp test -- --coverage
      - uses: actions/setup-java@v4
        with:
          distribution: 'temurin'
          java-version: '17'
      - run: mvn clean verify
        working-directory: api
        env:
          DATABASE_USER: ${{ secrets.DATABASE_USER }}
          DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
          JWT_SECRET: ${{ secrets.JWT_SECRET }}
      - name: Analyze with SonarCloud
        uses: sonarsource/sonarcloud-github-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
  e2e-tests:
    runs-on: ubuntu-latest
    needs: [ unit-tests ]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: sudo apt install -y openssl
      - run: openssl req -newkey rsa:2048 -nodes -keyout server.key -out server.csr -subj "/CN=localhost"
      - run: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
      - run: openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt -passout pass:${{ secrets.E2E_SSL_PASSWORD }} -name tomcat
      - run: sudo mkdir /certs
      - run: sudo mv server.p12 /certs/keystore.p12
      - name: Set up environment variables
        run: |
          echo "DATABASE_USER=${{ secrets.DATABASE_USER }}" >> .env
          echo "DATABASE_PASSWORD=${{ secrets.DATABASE_PASSWORD }}" >> .env
          echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> .env
          echo "REACT_APP_API_ENDPOINT=https://localhost:8443" >> ./webapp/.env
          echo "SSL_PASSWORD=${{ secrets.E2E_SSL_PASSWORD }}" >> .env
      - run: mv .env ./webapp/e2e/.env
      - run: docker compose -f ./webapp/e2e/docker-compose.yml up -d
      - run: npm --prefix webapp install
      - run: npm --prefix webapp run build
      - run: npm --prefix webapp run test:e2eci
  docker-push-api:
    runs-on: ubuntu-latest
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        env:
          DATABASE_USER: ${{ secrets.DATABASE_USER }}
          DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
          JWT_SECRET: ${{ secrets.JWT_SECRET }}
          SSL_PASSWORD: ${{ secrets.SSL_PASSWORD }}
        with:
          name: arquisoft/wiq_en2b/api
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: api
          buildargs: |
            DATABASE_USER
            DATABASE_PASSWORD
            JWT_SECRET
            SSL_PASSWORD
  docker-push-prometheus:
    runs-on: ubuntu-latest
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        with:
          name: arquisoft/wiq_en2b/prometheus
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: api/monitoring/prometheus
  docker-push-grafana:
    runs-on: ubuntu-latest
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        with:
          name: arquisoft/wiq_en2b/grafana
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: api/monitoring/grafana
  docker-push-reverse-proxy:
    runs-on: ubuntu-latest
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        with:
          name: arquisoft/wiq_en2b/kiwiq
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: proxy_conf
  docker-push-webapp:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Create .env file
        run: echo "REACT_APP_API_ENDPOINT=https://${{secrets.APP_DOMAIN}}:8443" > webapp/.env

      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        env:
          REACT_APP_API_ENDPOINT: https://${{secrets.APP_DOMAIN}}:8443
          teamname: wiq_en2b
        with:
          name: arquisoft/wiq_en2b/webapp
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: webapp
          buildargs: |
            REACT_APP_API_ENDPOINT
  docker-push-question-generator:
    runs-on: ubuntu-latest
    needs: [ e2e-tests ]
    steps:
      - uses: actions/checkout@v4
      - name: Publish to Registry
        uses: elgohr/Publish-Docker-Github-Action@v5
        env:
          DATABASE_USER: ${{ secrets.DATABASE_USER }}
          DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
        with:
          name: arquisoft/wiq_en2b/question-generator
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}
          registry: ghcr.io
          workdir: questiongenerator
          buildargs: |
            DATABASE_USER
            DATABASE_PASSWORD
  deploy:
    name: Deploy over SSH
    runs-on: ubuntu-latest
    needs: [docker-push-api, docker-push-webapp, docker-push-question-generator, docker-push-reverse-proxy, docker-push-prometheus, docker-push-grafana]
    steps:
    - name: Deploy over SSH
      uses: fifsky/ssh-action@master
      env:
        API_URI: ${{ secrets.DEPLOY_HOST }}
        DATABASE_USER: ${{ secrets.DATABASE_USER }}
        DATABASE_PASSWORD: ${{ secrets.DATABASE_PASSWORD }}
        JWT_SECRET: ${{ secrets.JWT_SECRET }}
      with:
        host: ${{ secrets.DEPLOY_HOST }}
        user: ${{ secrets.DEPLOY_USER }}
        key: ${{ secrets.DEPLOY_KEY }}
        command: |
          wget https://raw.githubusercontent.com/arquisoft/wiq_en2b/master/docker-compose.yml -O docker-compose.yml
          wget https://raw.githubusercontent.com/arquisoft/wiq_en2b/master/.env -O .env
          echo "DATABASE_USER=${{ secrets.DATABASE_USER }}" >> .env
          echo "DATABASE_PASSWORD=${{ secrets.DATABASE_PASSWORD }}" >> .env
          echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" >> .env
          echo "API_URI=https://${{ secrets.APP_DOMAIN }}:8443" >> .env
          echo "SSL_PASSWORD=${{ secrets.SSL_PASSWORD }}" >> .env
          docker compose --profile prod down
          docker compose --profile prod up -d --pull always
          docker image prune -f