on:
  issue_comment:
    types: [created, edited]

name: test-kata-deploy

jobs:
  check-comment-and-membership:
    runs-on: ubuntu-latest
    if: |
      github.event.issue.pull_request
      && github.event_name == 'issue_comment'
      && github.event.action == 'created'
      && startsWith(github.event.comment.body, '/test_kata_deploy')
    steps:
      - name: Check membership
        uses: kata-containers/is-organization-member@1.0.1
        id: is_organization_member
        with:
          organization: kata-containers
          username: ${{ github.event.comment.user.login }}
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: Fail if not member
        run: |
          result=${{ steps.is_organization_member.outputs.result }}
          if [ $result == false ]; then
              user=${{ github.event.comment.user.login }}
              echo Either ${user} is not part of the kata-containers organization
              echo or ${user} has its Organization Visibility set to Private at
              echo https://github.com/orgs/kata-containers/people?query=${user}
              echo 
              echo Ensure you change your Organization Visibility to Public and
              echo trigger the test again.
              exit 1
          fi

  build-asset:
    runs-on: ubuntu-latest
    needs: check-comment-and-membership
    strategy:
      matrix:
        asset:
          - cloud-hypervisor
          - firecracker
          - kernel
          - qemu
          - rootfs-image
          - rootfs-initrd
          - shim-v2
    steps:
      - name: get-PR-ref
        id: get-PR-ref
        run: |
            ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed  's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
            echo "reference for PR: " ${ref}
            echo "##[set-output name=pr-ref;]${ref}"
      - uses: actions/checkout@v2
        with:
          ref: ${{ steps.get-PR-ref.outputs.pr-ref }}

      - name: Install docker
        run: |
          curl -fsSL https://test.docker.com -o test-docker.sh
          sh test-docker.sh

      - name: Build ${{ matrix.asset }}
        run: |
          make "${KATA_ASSET}-tarball"
          build_dir=$(readlink -f build)
          # store-artifact does not work with symlink
          sudo cp -r "${build_dir}" "kata-build"
        env:
          KATA_ASSET: ${{ matrix.asset }}
          TAR_OUTPUT: ${{ matrix.asset }}.tar.gz

      - name: store-artifact ${{ matrix.asset }}
        uses: actions/upload-artifact@v2
        with:
          name: kata-artifacts
          path: kata-build/kata-static-${{ matrix.asset }}.tar.xz
          if-no-files-found: error

  create-kata-tarball:
    runs-on: ubuntu-latest
    needs: build-asset
    steps:
      - name: get-PR-ref
        id: get-PR-ref
        run: |
            ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed  's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
            echo "reference for PR: " ${ref}
            echo "##[set-output name=pr-ref;]${ref}"
      - uses: actions/checkout@v2
        with:
          ref: ${{ steps.get-PR-ref.outputs.pr-ref }}
      - name: get-artifacts
        uses: actions/download-artifact@v2
        with:
          name: kata-artifacts
          path: kata-artifacts
      - name: merge-artifacts
        run: |
          ./tools/packaging/kata-deploy/local-build/kata-deploy-merge-builds.sh kata-artifacts
      - name: store-artifacts
        uses: actions/upload-artifact@v2
        with:
          name: kata-static-tarball
          path: kata-static.tar.xz

  kata-deploy:
    needs: create-kata-tarball
    runs-on: ubuntu-latest
    steps:
      - name: get-PR-ref
        id: get-PR-ref
        run: |
            ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed  's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#')
            echo "reference for PR: " ${ref}
            echo "##[set-output name=pr-ref;]${ref}"
      - uses: actions/checkout@v2
        with:
          ref: ${{ steps.get-PR-ref.outputs.pr-ref }}
      - name: get-kata-tarball
        uses: actions/download-artifact@v2
        with:
          name: kata-static-tarball
      - name: build-and-push-kata-deploy-ci
        id: build-and-push-kata-deploy-ci
        run: |
          PR_SHA=$(git log --format=format:%H -n1)
          mv kata-static.tar.xz $GITHUB_WORKSPACE/tools/packaging/kata-deploy/kata-static.tar.xz
          docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t quay.io/kata-containers/kata-deploy-ci:$PR_SHA $GITHUB_WORKSPACE/tools/packaging/kata-deploy
          docker login -u ${{ secrets.QUAY_DEPLOYER_USERNAME }} -p ${{ secrets.QUAY_DEPLOYER_PASSWORD }} quay.io
          docker push quay.io/kata-containers/kata-deploy-ci:$PR_SHA
          mkdir -p packaging/kata-deploy
          ln -s $GITHUB_WORKSPACE/tools/packaging/kata-deploy/action packaging/kata-deploy/action
          echo "::set-output name=PKG_SHA::${PR_SHA}"
      - name: test-kata-deploy-ci-in-aks
        uses: ./packaging/kata-deploy/action
        with:
          packaging-sha: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
        env:
          PKG_SHA: ${{steps.build-and-push-kata-deploy-ci.outputs.PKG_SHA}}
          AZ_APPID: ${{ secrets.AZ_APPID }}
          AZ_PASSWORD: ${{ secrets.AZ_PASSWORD }}
          AZ_SUBSCRIPTION_ID: ${{ secrets.AZ_SUBSCRIPTION_ID }}
          AZ_TENANT_ID: ${{ secrets.AZ_TENANT_ID }}