.github/workflows/nextcloud-deploy.yml

---
name: Deploy Nextcloud

on:
  workflow_call:
    inputs:
      CLUSTER:
        required: true
        type: string
      BUCKET_NAME:
        required: true
        type: string
      NAMESPACE:
        required: true
        type: string
      NAMESPACE_SCHULCLOUD_INSTANCE:
        required: true
        type: string
      INSTANCE_NAME:
        required: true
        type: string
    secrets:
      token:
        required: true
      KUBECONFIG:
        required: true
      SOCIALLOGINCLIENTID:
        required: true
      SOCIALLOGINSECRET:
        required: true
      S3ACCESSKEY:
        required: false
      S3ACCESSSECRET:
        required: false
      PROXY_CREDENTIALS:
        required: false

jobs:
  run_ansible_playbook_nextcloud:
    environment: ${{ inputs.CLUSTER }}
    runs-on: ubuntu-latest
    env:
      # Necessary for ansible k8s module (doesn't use proxy defined in kubeconfig)
      # https://github.com/kubernetes-client/python/issues/1862
      # https://docs.ansible.com/ansible/latest/collections/kubernetes/core/k8s_module.html#parameter-proxy
      K8S_AUTH_PROXY: ${{ vars.PROXY_URL }}
      K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH: ${{ secrets.PROXY_CREDENTIALS }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          path: "repo/infra-deploy"
          repository: hpi-schul-cloud/infra-deploy

      - name: Install requirements python3
        shell: bash
        working-directory: ${{ github.workspace }}/repo/infra-deploy/
        run: |
          python3 -m pip install -r requirements.txt

      - name: Install requirements ansible-galaxy
        working-directory: ${{ github.workspace }}/repo/infra-deploy/
        run: ansible-galaxy install -r ansible/collections/requirements.yml

      - name: Create Kubeconfig file
        working-directory: ${{ github.workspace }}/
        run: |
          echo "${{ secrets.KUBECONFIG }}" > kubeconfig
          chmod 600 kubeconfig

      - name: Set ENVs in config.yml file
        working-directory: ${{ github.workspace }}/repo/infra-deploy/ansible/group_vars
        run: |
          echo -e "\nnamespace: ${{ inputs.NAMESPACE }}" >> config.yml
          echo "schulcloud_namespace: ${{ inputs.NAMESPACE_SCHULCLOUD_INSTANCE }}" >> config.yml
          echo "instance_name: ${{ inputs.INSTANCE_NAME }}" >> config.yml
          echo "socialloginClientId: ${{ secrets.SOCIALLOGINCLIENTID }}" >> config.yml
          echo "socialloginSecret: ${{ secrets.SOCIALLOGINSECRET }}" >> config.yml
          echo "s3_bucket_name: ${{ inputs.BUCKET_NAME }}" >> config.yml
          echo "s3_access_key: ${{ secrets.S3ACCESSKEY }}" >> config.yml
          echo "s3_access_secret: ${{ secrets.S3ACCESSSECRET }}" >> config.yml
          cat config.yml

      - name: Execute Ansible Nextcloud Playbook
        working-directory: ${{ github.workspace }}/repo/infra-deploy/
        run: ansible-playbook ansible/nextcloud-playbook.yml --inventory-file hosts -e 'ansible_python_interpreter=/usr/bin/python3' -l ${{ inputs.CLUSTER }}

      - name: Delete kubeconfig file
        if: always()
        working-directory: ${{ github.workspace }}
        run: |
          rm -f kubeconfig