ci-build.yml

name: Build

on:
  pull_request:
    branches:
      - main
      - master
  push:
    branches:
      - main
      - master

jobs:
  analyze-commits:
    runs-on: ubuntu-latest
    steps:
    - 
      name: Checkout
      uses: actions/checkout@v3
      with: 
        token: ${{ secrets.GH_TOKEN }}
    - 
      name: "🔧 setup node"
      uses: actions/setup-node@v2.1.5
      with:
        node-version: 18.x
    - 
      name: Install dependencies
      run: yarn global add semantic-release @semantic-release/changelog @semantic-release/git @semantic-release/github @semantic-release/exec @semantic-release/release-notes-generator @semantic-release/commit-analyzer@10.0.1 conventional-changelog-conventionalcommits@6.1.0
    -
      name: Get next version
      id: next-version
      run: semantic-release --dryRun
      env:
        GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
        GH_TOKEN: ${{ secrets.GH_TOKEN }}
    outputs:
      release-tag: ${{ steps.next-version.outputs.release-tag }}
      release-version: ${{ steps.next-version.outputs.release-version }}


  docker:
    uses: ./.github/workflows/docker-build-and-push-workflow.yml
    needs: analyze-commits
    secrets: inherit
    with:
      version: ${{ needs.analyze-commits.outputs.release-version }}
      publish: >- 
        ${{ (startsWith(github.ref, 'refs/tags/') ||
            github.ref == 'refs/heads/main' ||
            github.ref == 'refs/heads/master') &&
            github.event_name == 'push' }}
      docker-image-repo: docker.io/wearefrank/zaakbrug
      upload-sarif-to-security: >- 
        ${{ (startsWith(github.ref, 'refs/tags/') ||
          github.ref == 'refs/heads/main' ||
          github.ref == 'refs/heads/master') &&
          github.event_name == 'push' }}

  publish-docker:
    runs-on: ubuntu-latest
    needs:
    - docker
    if: >- 
      ${{ (startsWith(github.ref, 'refs/tags/') ||
          github.ref == 'refs/heads/main' ||
          github.ref == 'refs/heads/master') &&
          github.event_name == 'push' }}
    steps:
    - 
      name: Checkout
      uses: actions/checkout@v3
      with: 
        token: ${{ secrets.GH_TOKEN }}
    -  
      name: "Download Docker artifact"
      uses: actions/download-artifact@v2
      with:
        name: docker
        path: /tmp
    - 
      name: "Load Docker artifact"
      run: |
        docker load --input /tmp/docker.tar
        docker image ls -a
    - 
      name: Login to Container Registry
      uses: docker/login-action@v2
      if: github.event_name == 'push'
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}

    - name: Push Docker image
      run: docker push docker.io/wearefrank/zaakbrug --all-tags

  release: 
    runs-on: ubuntu-latest
    needs: publish-docker
    steps:
    - 
      name: Checkout
      uses: actions/checkout@v3
      with:
        token: ${{ secrets.GH_TOKEN }}
    - 
      name: "🔧 setup node"
      uses: actions/setup-node@v2.1.5
      with:
        node-version: 18.x
    - 
      name: Install dependencies
      run: yarn global add semantic-release @semantic-release/changelog @semantic-release/git @semantic-release/github @semantic-release/exec @semantic-release/release-notes-generator @semantic-release/commit-analyzer@10.0.1 conventional-changelog-conventionalcommits@6.1.0 semantic-release-helm
    - 
      name: Semantic Release
      run: "semantic-release"
      env:
        GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
        GH_TOKEN: ${{ secrets.GH_TOKEN }}

  update-helm:
    uses: ./.github/workflows/update-helm-chart.yml
    needs: 
      - release
      - analyze-commits
    secrets: inherit
    if: >- 
      ${{ (startsWith(github.ref, 'refs/tags/') ||
          github.ref == 'refs/heads/main' ||
          github.ref == 'refs/heads/master') &&
          github.event_name == 'push' &&
          needs.analyze-commits.outputs.release-version != '' &&
          needs.analyze-commits.outputs.release-version != null }}
    with:
      version: ${{ needs.analyze-commits.outputs.release-version }}