.github/workflows/workflow-pull-request-path.yml

name: "[Workflow] Pull request to branch"

concurrency:
  group: ${{ github.ref }}-${{ github.workflow }}

on:
  pull_request:
    branches:
      - main

permissions:
  id-token: write
  contents: write
  security-events: write
  pull-requests: read
  actions: none
  checks: none
  deployments: none
  issues: none
  packages: none
  repository-projects: none
  statuses: none

defaults:
  run:
    shell: bash

jobs:
  workflow_variables:
    runs-on: ubuntu-latest
    name: output workflow variables
    outputs:
      parsed_branch: ${{ steps.variables.outputs.branch_formatted }}
      build_identifier: ${{ steps.variables.outputs.build_identifier }}
      version_tag: ${{ steps.semver_tag.outputs.created_tag }}
    steps:
      - uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v3

      - name: extract variables for workflow
        id: variables
        env:
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          export BRANCH=$(echo ${GITHUB_HEAD_REF:-${GITHUB_REF##*/}} | awk -F'_' '{print $1}' | tr -cd '[:alnum:]' | tr '[:upper:]' '[:lower:]' | cut -c1-8)
          echo "branch_formatted=$(echo ${BRANCH})" >> $GITHUB_OUTPUT
          echo "build_identifier=$(echo ${BRANCH}${PR_NUMBER})" >> $GITHUB_OUTPUT
          echo ${build_identifier}

      - name: generate semver tag and release
        id: semver_tag
        uses: ministryofjustice/opg-github-actions/.github/actions/semver-tag@v3.1.0
        with:
          prerelease: true
          default_bump: "minor"

      - uses: actions/labeler@main
        if: github.event_name == 'pull_request'
        with:
          configuration-path: .github/labeller.yml
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          sync-labels: true

  unit_test_frontend:
    name: Unit tests on Frontend app
    uses: ./.github/workflows/_tests-frontend.yml

  build_scan_push_containers:
    name: Docker Build, Scan and Push
    uses: ./.github/workflows/_build-push.yml
    needs: [workflow_variables]
    with:
      tag: ${{ needs.workflow_variables.outputs.version_tag }}
      branch_name: ${{ needs.workflow_variables.outputs.build_identifier }}
    secrets: inherit

  deploy_to_branch_environment:
    name: Deploy to Branch Environment
    needs: [
      workflow_variables,
      build_scan_push_containers,
      unit_test_frontend
    ]
    uses: ./.github/workflows/_deploy-infrastructure.yml
    with:
      workspace: ${{ needs.workflow_variables.outputs.build_identifier }}
      account_name: development
      container_version: ${{ needs.workflow_variables.outputs.version_tag }}
      terraform_path: environment
      apply: true
    secrets: inherit

  plan_development_account:
    name: Plan against development account
    needs: [
      workflow_variables,
      build_scan_push_containers,
    ]
    uses: ./.github/workflows/_deploy-infrastructure.yml
    with:
      workspace: development
      account_name: development
      container_version: ${{ needs.workflow_variables.outputs.version_tag }}
      terraform_path: account
      apply: false
    secrets: inherit

  behat_branch_environment:
    name: Branch Environment Behat
    uses: ./.github/workflows/_tests-behat.yml
    needs: [workflow_variables,deploy_to_branch_environment]
    with:
      workspace_name: ${{ needs.workflow_variables.outputs.build_identifier }}
      version_tag: ${{ needs.workflow_variables.outputs.version_tag }}
      base_url: ${{ needs.workflow_variables.outputs.build_identifier }}.serve.opg.service.justice.gov.uk
      sirius_api_bucket: opg-backoffice-public-api-integration
      suite: --suite=local
      account_name: development
      account_id: 705467933182
    secrets: inherit

  end_of_pr_workflow:
    name: End of PR Workflow
    runs-on: ubuntu-latest
    needs: [workflow_variables,behat_branch_environment]
    if: ${{ always() }}
    steps:
      - name: Check workflow result
        if: ${{ failure() }}
        run: |
            echo "A job failed. Marking end-workflow as failed."
            exit 1
      - name: End of PR Workflow
        run: echo "${{ needs.workflow_variables.outputs.version_tag }} tested, built and deployed to Development"