.github/workflows/server.yml


on:
  push:
    tags:
      - '*refetch-v*'
      - '*refetch-v*'
      - '*refetch-again-v*'
      - '*refetch-repair-v*'
      - '*refetch-multiple-v*'
      - '*refetch-late-v*'
      - '*refetch-result-v*'
      - '*import-v*'
      - '*import-ongoing-v*'
      - '*ingest-v*'
      - '*ingest-fast-v*'
      - '*notify-v*'
      - '*proxy-v*'
      - '*rating-history-v*'
      - '*metric-v*'
      - '*api-v*'
      - '*function-v*'
      - '*rest-v*'
      - '*rank-v*'
      - '*replay-v*'
      - '*graphql-v*'

name: Server

env:
  NODE_VERSION: 18.17.0

jobs:

  build-and-publish-server:
    name: Build and Publish Server
    runs-on: ubuntu-22.04
    steps:
      - name: Checkout
        uses: actions/checkout@v1
      - name: Setup Env
        uses: ./.github/actions/setup
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
          node-version: ${{ env.NODE_VERSION }}

      - name: Setup Secrets
        run: |
          wget "https://cache.agilebits.com/dist/1P/op2/pkg/v2.4.1/op_linux_amd64_v2.4.1.zip" -O op.zip && unzip -d op op.zip && sudo mv op/op /usr/local/bin && rm -r op.zip op
          echo "OP_DEVICE=gpz56tma3262vu3z2thwwm57ga" >> $GITHUB_ENV
          echo "OP_SECRET_KEY=${{ secrets.ONE_PASSWORD_SECRET_KEY }}" >> $GITHUB_ENV
      - name: Set Secrets
        run: |
          eval $(printf ${{ secrets.ONE_PASSWORD_PASSWORD }} | op account add --address ${{ secrets.ONE_PASSWORD_ADDRESS }} --email ${{ secrets.ONE_PASSWORD_EMAIL }} --signin)
          echo "EXPO_TOKEN=$(op read op://aoe2companion/expo_token/password)" >> $GITHUB_ENV
          echo "DOCKERHUB_USERNAME=$(op read op://aoe2companion/dockerhub_username/password)" >> $GITHUB_ENV
          echo "DOCKERHUB_PASSWORD=$(op read op://aoe2companion/dockerhub_password/password)" >> $GITHUB_ENV
          echo "ID_CI_RSA_BASE64=$(op read op://aoe2companion/id_ci_rsa_base64/password)" >> $GITHUB_ENV
          echo "KNOWN_HOSTS_BASE64=$(op read op://aoe2companion/known_hosts_base64/password)" >> $GITHUB_ENV
          echo "DATABASE_URL=$(op read op://aoe2companion/database_url/password)" >> $GITHUB_ENV
          echo "DATABASE_URL_AOE4=$(op read op://aoe2companion/database_url_aoe4/password)" >> $GITHUB_ENV
          echo "ELECTROLYTIC_APP_SECRET=$(op read op://aoe2companion/electrolytic_app_secret/password)" >> $GITHUB_ENV
          echo "PUSHER_SECRET_KEY=$(op read op://aoe2companion/pusher_secret_key/password)" >> $GITHUB_ENV
          echo "S3_ACCESS_KEY_ID=$(op read op://aoe2companion/aws_access_key_id/password)" >> $GITHUB_ENV
          echo "S3_SECRET_ACCESS_KEY=$(op read op://aoe2companion/aws_secret_access_key/password)" >> $GITHUB_ENV
          echo "TWITCH_CLIENT_ID=$(op read op://aoe2companion/twitch_client_id/password)" >> $GITHUB_ENV
          echo "TWITCH_CLIENT_SECRET=$(op read op://aoe2companion/twitch_client_secret/password)" >> $GITHUB_ENV
          echo "STATUS_URL=$(op read op://aoe2companion/status_url/password)" >> $GITHUB_ENV
          echo "STATUS_API_KEY=$(op read op://aoe2companion/status_api_key/password)" >> $GITHUB_ENV

#          echo "KUBERNETES_SERVER=$(op read op://aoe2companion/kubernetes_server/password)" >> $GITHUB_ENV
#          echo "KUBERNETES_TOKEN=$(op read op://aoe2companion/kubernetes_token/password)" >> $GITHUB_ENV
#          echo "KUBERNETES_CLUSTER_CERTIFICATE=$(op read op://aoe2companion/kubernetes_cluster_certificate/password)" >> $GITHUB_ENV

      - run: echo "SUBDOMAIN=$(node deploy/script/subdomain-from-tag.js $TRAVIS_BRANCH)" >> $GITHUB_ENV
      - run: echo $SUBDOMAIN
      - run: echo "SERVICE_NAME=$(node deploy/script/service-name-from-tag.js $TRAVIS_BRANCH)" >> $GITHUB_ENV
      - run: echo $SERVICE_NAME
      - run: yarn
      - run: yarn run generate:prisma
      - run: npx nx build graph
      - run: docker build -f graph/deploy/Dockerfile -t denniske/aoe2companion-$SERVICE_NAME:$COMMIT_SHA1 .
      - run: echo "$DOCKERHUB_PASSWORD" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
      - run: docker push denniske/aoe2companion-$SERVICE_NAME:$COMMIT_SHA1

      - run: |
          mkdir ~/.ssh
          echo $ID_CI_RSA_BASE64 | base64 --decode > ~/.ssh/id_rsa
          echo $KNOWN_HOSTS_BASE64 | base64 --decode > ~/.ssh/known_hosts
          chmod 644 ~/.ssh/known_hosts
          chmod 600 ~/.ssh/id_rsa
        
          if [[ $SERVICE_NAME == aoe4-* ]] ;
          then
            export DATABASE_URL=$DATABASE_URL_AOE4
          fi

          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku config:set --no-restart --global \
            ELECTROLYTIC_APP_SECRET=$ELECTROLYTIC_APP_SECRET \
            PUSHER_SECRET_KEY=$PUSHER_SECRET_KEY \
            S3_ACCESS_KEY_ID=$S3_ACCESS_KEY_ID \
            S3_SECRET_ACCESS_KEY=$S3_SECRET_ACCESS_KEY \
            TWITCH_CLIENT_ID=$TWITCH_CLIENT_ID \
            TWITCH_CLIENT_SECRET=$TWITCH_CLIENT_SECRET \
            STATUS_URL=$STATUS_URL \
            STATUS_API_KEY=$STATUS_API_KEY \
            && true
          
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku apps:create $SERVICE_NAME || true
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku proxy:set $SERVICE_NAME caddy
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku checks:disable $SERVICE_NAME SERVICE_NAME=$SERVICE_NAME
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku config:set --no-restart $SERVICE_NAME SERVICE_NAME=$SERVICE_NAME
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku config:set --no-restart $SERVICE_NAME DATABASE_URL=$DATABASE_URL
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku domains:set $SERVICE_NAME $SUBDOMAIN.${AOE}companion.com
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku resource:limit --cpu 1 --memory 500 $SERVICE_NAME
          ssh -o StrictHostKeyChecking=no root@128.140.125.122 dokku git:from-image $SERVICE_NAME denniske/aoe2companion-$SERVICE_NAME:$COMMIT_SHA1

#          dokku config:set --no-restart --encoded node-js-app KEY="$(base64 ~/.ssh/id_rsa)"

#          cd deploy
#
#          export BASE=base
#          if [[ $SERVICE_NAME == aoe4-* ]] ;
#          then
#            export BASE=base4
#          fi

#          envsubst <./docker-compose-single.yml >./docker-compose-single.yml.out && mv ./docker-compose-single.yml.out ./docker-compose-single.yml
#          envsubst <./docker-compose-worker.yml >./docker-compose-worker.yml.out && mv ./docker-compose-worker.yml.out ./docker-compose-worker.yml
#
#          scp -o StrictHostKeyChecking=no docker-compose-worker.yml root@128.140.125.122:/root/docker-compose.yml
#          scp -o StrictHostKeyChecking=no docker-compose-single.yml root@128.140.125.122:/root/service-$SERVICE_NAME.yml
#          scp -o StrictHostKeyChecking=no run.sh root@128.140.125.122:/root/run.sh
#          ssh -o StrictHostKeyChecking=no root@128.140.125.122 sh run.sh

#          export DATABASE_URL=${DATABASE_URL/aoe/aoe4}
#
#          echo $ID_CI_RSA_BASE64 > id_ci_rsa.base64
#          base64 --decode id_ci_rsa.base64 > ~/.ssh/id_rsa
#          echo $KNOWN_HOSTS_BASE64 > known_hosts.base64
#          base64 --decode known_hosts.base64 > ~/.ssh/known_hosts