name: Deploy

on:
  push:
    branches:
      - master

jobs:
  deploy:
    runs-on: almalinux-8
    container:
      image: git.query.consul/unkin/almalinux8-runnerdnd:latest
      options: --privileged

    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Download Artifacts
        run: |
          mkdir -p /workspace/unkin/terraform-nomad/plans
          export RUN_ID=$((GITHUB_RUN_NUMBER - 1))
          export PLANS_URL="https://git.query.consul/${GITHUB_REPOSITORY}/actions/runs/${RUN_ID}/artifacts/plans"
          export MAX_RETRIES=5
          export RETRY_COUNT=0
          echo "Attempting to download plans from ${PLANS_URL}"
          while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
            curl -L -o /workspace/plans.zip "${PLANS_URL}" && break || true
            echo "Plans file not available yet. Retrying in 10 seconds... ($((RETRY_COUNT + 1))/$MAX_RETRIES)"
            RETRY_COUNT=$((RETRY_COUNT + 1))
            sleep 10
          done
          if [ ! -f /workspace/plans.zip ]; then
            echo "Failed to download plans file after $MAX_RETRIES attempts."
            exit 1
          fi
          echo "Plans file downloaded. Extracting..."
          unzip /workspace/plans.zip -d /workspace/unkin/terraform-nomad/plans
          echo "Plans file extracted successfully."

      - name: Show Plans
        run: |
          find /workspace -type f -name "*.plan"

      - name: Install Packages
        run: |
          dnf install terraform terragrunt vault jq -y

      - name: Run Terraform Apply
        env:
          VAULT_ROLEID: ${{ secrets.TERRAFORM_NOMAD_VAULT_ROLEID }}
        run: |
          make apply