.github/workflows/frontend.yml

name: Build and Deploy FRONTEND

env:
  PROJECT_NAME: qat
  PROJECT_TYPE: frontend
  WORKING_DIRECTORY: frontend
  CURR_WORKING_DIRECTORY: ./frontend
  DEV_APP_PORT: 4000
  DEV_DOMAIN_NAME: qat-dev.hsingh.site
  PROD_APP_PORT: 4001
  PROD_DOMAIN_NAME: qat.hsingh.site
  ENABLE_CACHE: false
  ENABLE_CACHE_CONTROL: false
  ENABLE_RATE_LIMITING: false
  DEV_DOTENV_KEY: ${{ secrets.DEV_FRONTEND_DOTENV_KEY }}
  PROD_DOTENV_KEY: ${{ secrets.PROD_FRONTEND_DOTENV_KEY }}
  DEV_SERVER_USER: ${{ secrets.DEV_SERVER_USER }}
  DEV_SERVER_IP: ${{ secrets.DEV_SERVER_IP }}
  DEV_SERVER_PASSWORD: ${{ secrets.DEV_SERVER_PASSWORD }}
  PROD_SERVER_USER: ${{ secrets.PROD_SERVER_USER }}
  PROD_SERVER_IP: ${{ secrets.PROD_SERVER_IP }}
  PROD_SERVER_PASSWORD: ${{ secrets.PROD_SERVER_PASSWORD }}

on:
  push:
    branches:
      - '*'
    # paths:
    #   - './frontend'
  workflow_dispatch: {}

jobs:
  build:
    timeout-minutes: 30
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ${{ env.CURR_WORKING_DIRECTORY }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Setup Node.js
        uses: actions/setup-node@v3
        with:
          node-version: 'latest'

      - name: Cache Node.js packages
        uses: actions/cache@v3
        with:
          path: ~/.pnpm-store
          key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
          restore-keys: |
            ${{ runner.os }}-pnpm-
      - run: npm install -g pnpm
      - run: pnpm install --no-frozen-lockfile
      - run: pnpm run lint
      - run: pnpm run build

  deploy:
    timeout-minutes: 30
    needs: [build]
    runs-on: ubuntu-latest
    if: (github.ref == 'refs/heads/dev' || github.ref == 'refs/heads/main') && success()
    defaults:
      run:
        working-directory: ${{ env.CURR_WORKING_DIRECTORY }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set environment variables for Dev
        if: github.ref == 'refs/heads/dev'
        run: |
          echo "SERVER_USER=${{ env.DEV_SERVER_USER }}" >> $GITHUB_ENV
          echo "SERVER_IP=${{ env.DEV_SERVER_IP }}" >> $GITHUB_ENV
          echo "SERVER_PASSWORD=${{ env.DEV_SERVER_PASSWORD }}" >> $GITHUB_ENV
          echo "ENVIRONMENT=dev" >> $GITHUB_ENV
          echo "APP_PORT=${{ env.DEV_APP_PORT }}" >> $GITHUB_ENV
          echo "DOMAIN_NAME=${{ env.DEV_DOMAIN_NAME }}" >> $GITHUB_ENV
          echo "DOTENV_KEY=${{ env.DEV_DOTENV_KEY }}" >> $GITHUB_ENV
          echo "${{ secrets.DEV_ENV}}" > .env

      - name: Set environment variables for Prod
        if: github.ref != 'refs/heads/dev'
        run: |
          echo "SERVER_USER=${{ env.PROD_SERVER_USER }}" >> $GITHUB_ENV
          echo "SERVER_IP=${{ env.PROD_SERVER_IP }}" >> $GITHUB_ENV
          echo "SERVER_PASSWORD=${{ env.PROD_SERVER_PASSWORD }}" >> $GITHUB_ENV
          echo "ENVIRONMENT=prod" >> $GITHUB_ENV
          echo "APP_PORT=${{ env.PROD_APP_PORT }}" >> $GITHUB_ENV
          echo "DOMAIN_NAME=${{ env.PROD_DOMAIN_NAME }}" >> $GITHUB_ENV
          echo "DOTENV_KEY=${{ env.PROD_DOTENV_KEY }}" >> $GITHUB_ENV
          echo "${{ secrets.PROD_ENV}}" > .env
      - name: SSH and Prepare Server
        uses: appleboy/ssh-action@v1.0.0
        with:
          timeout: 120s
          host: ${{ env.SERVER_IP }}
          username: ${{ env.SERVER_USER }}
          password: ${{ env.SERVER_PASSWORD }}
          script: |
            SITE_PATH="/home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }}/${{ env.WORKING_DIRECTORY }}"
            rm -rf $SITE_PATH
            mkdir -p $SITE_PATH

      - name: SCP to Server
        uses: appleboy/scp-action@v0.1.4
        with:
          host: ${{ env.SERVER_IP }}
          username: ${{ env.SERVER_USER }}
          password: ${{ env.SERVER_PASSWORD }}
          source: ${{ env.CURR_WORKING_DIRECTORY }}
          target: /home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }}
      - name: Deploy
        uses: appleboy/ssh-action@v1.0.0
        with:
          timeout: 120s
          host: ${{ env.SERVER_IP }}
          username: ${{ env.SERVER_USER }}
          password: ${{ env.SERVER_PASSWORD }}
          script: |

            SITE_PATH="/home/${{ env.SERVER_USER }}/sites/${{ env.PROJECT_NAME }}/${{ env.ENVIRONMENT }}/${{ env.WORKING_DIRECTORY }}"
            cd $SITE_PATH
            pnpm install
            pnpm run build
            pm2 delete ${{ env.PROJECT_NAME }}_${{ env.ENVIRONMENT }}_${{ env.PROJECT_TYPE }}
            if [ "${{ env.ENVIRONMENT }}" = "dev" ]; then
              pnpm run start-pm2-dev
            else
              pnpm run start-pm2-prod
            fi

            ansible-playbook /home/${{ env.SERVER_USER }}/ansible/set_nginx_conf.ansible.yml -e "ansible_become_pass=${{ env.SERVER_PASSWORD }} env_type=${{ env.ENVIRONMENT }} project_name=${{ env.PROJECT_NAME }} project_type=${{ env.PROJECT_TYPE }} app_port=${{ env.APP_PORT }} working_directory=${{ env.WORKING_DIRECTORY }} server_name=${{ env.DOMAIN_NAME }} enable_rate_limiting=${{env.ENABLE_RATE_LIMITING}} rate_burst=${{env.RATE_BURST}} enable_cache=${{env.ENABLE_CACHE}} enable_cache_control=${{env.ENABLE_CACHE_CONTROL}}"