name: 'deploy'
description: 'deploy'

inputs:
  environment:
    required: true
    type: string
  tag:
    required: true
    type: string
  migrate:
    type: bool
    default: false
  secrets:
    required: false
    type: string
  host:
    required: true
    type: string

runs:
  using: 'composite'
  steps:
  - name: Checkout
    uses: actions/checkout@master
  - name: Yandex Cloud Login
    uses: yc-actions/yc-cr-login@v2
    with:
      yc-sa-json-credentials: ${{ fromJSON(inputs.secrets).YC_SA_JSON_CREDENTIALS }}
  - name: Import Secrets
    uses: hashicorp/vault-action@v2
    id: vault
    with:
      url: https://vault.hublab.ru/
      method: approle
      roleId: ${{ fromJSON(inputs.secrets).VAULT_ROLE_ID }}
      secretId: ${{ fromJSON(inputs.secrets).VAULT_SECRET_ID }}
      secrets: |
        hub/data/tach/${{ inputs.environment }}/base *;
        hub/data/tach/${{ inputs.environment }}/${{github.event.repository.name}} *;
  - name: Save envs
    run: |
      echo '${{ toJson(steps.vault.outputs) }}' > output.json
      jq -r 'to_entries[] | "\(.key)=\"\(.value)\""' output.json > .env
      source .env
      cat .env
  - name: Pull
    env:
        DOCKER_HOST: tcp://${{ inputs.host }}:2376
    run: |
      docker compose pull
  - name: Migrate
    if: ${{ inputs.migrate == 'true' }}
    env:
      DOCKER_HOST: tcp://${{ inputs.host }}:2376
    run: |
      docker compose run --rm ${CR_REPO:8} alembic upgrade head
  - name: Deploy
    env:
        DOCKER_HOST: tcp://${{ inputs.host }}:2376
    run: |
      docker compose -p ${{ inputs.environment }} up -d --force-recreate