name: Build & Deploy Production Containers

on:
    push:
        branches:
            - master
            - main

jobs:
    build:
        name: Build & Deploy Production Docker image
        runs-on: ubuntu-20.04
        steps:
            - name: Configure AWS credentials
              uses: aws-actions/configure-aws-credentials@v1
              with:
                  aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
                  aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
                  aws-region: us-east-1

            - name: Login to Amazon ECR
              id: login-ecr
              uses: aws-actions/amazon-ecr-login@v1

            - name: Fetch posthog-cloud
              run: |
                  curl -L https://github.com/posthog/posthog-cloud/tarball/master | tar --strip-components=1 -xz --
                  mkdir deploy/

            - name: Checkout master
              uses: actions/checkout@v2
              with:
                  # ref defaults to whatever branch the action is operating on. Leaving it blank on master or main will make it
                  # easier to switch if we decide to. Also makes branch deploys easier.
                  # ref: 'master'
                  path: 'deploy/'

            - name: Build, tag, and push image to Amazon ECR
              id: build-image
              env:
                  ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
                  ECR_REPOSITORY: posthog-production
                  IMAGE_TAG: ${{ github.sha }}
              run: |
                  docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f prod.web.Dockerfile .
                  docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
                  echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"

            - name: Fill in the new image ID in the Amazon ECS task definition
              id: task-def-web
              uses: aws-actions/amazon-ecs-render-task-definition@v1
              with:
                  task-definition: deploy/task-definition.web.json
                  container-name: posthog-production
                  image: ${{ steps.build-image.outputs.image }}

            - name: Fill in the new worker image ID in the Amazon ECS task definition
              id: task-def-worker
              uses: aws-actions/amazon-ecs-render-task-definition@v1
              with:
                  task-definition: deploy/task-definition.worker.json
                  container-name: posthog-production-worker
                  image: ${{ steps.build-image.outputs.image }}

            - name: Fill in the new plugins image ID in the Amazon ECS task definition
              id: task-def-plugins
              uses: aws-actions/amazon-ecs-render-task-definition@v1
              with:
                  task-definition: deploy/task-definition.plugins.json
                  container-name: posthog-production-plugins
                  image: ${{ steps.build-image.outputs.image }}

            - name: Fill in the new migration image ID in the Amazon ECS task definition
              id: task-def-migrate
              uses: aws-actions/amazon-ecs-render-task-definition@v1
              with:
                  task-definition: deploy/task-definition.migration.json
                  container-name: posthog-production-migration
                  image: ${{ steps.build-image.outputs.image }}

            - name: Perform migrations
              run: |
                  aws ecs register-task-definition --cli-input-json file://$TASK_DEFINITION
                  aws ecs run-task --cluster posthog-production-cluster --count 1 --launch-type FARGATE --task-definition posthog-production-migration --network-configuration '{
                    "awsvpcConfiguration": {
                      "subnets": ["subnet-8738fde1"],
                      "securityGroups": ["sg-05a5f7e510b15473c"],
                      "assignPublicIp": "ENABLED"
                    }}'
              env:
                  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
                  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
                  AWS_DEFAULT_REGION: 'us-east-1'
                  TASK_DEFINITION: ${{ steps.task-def-migrate.outputs.task-definition }}

            - name: Deploy Amazon ECS web task definition
              uses: aws-actions/amazon-ecs-deploy-task-definition@v1
              with:
                  task-definition: ${{ steps.task-def-web.outputs.task-definition }}
                  service: posthog-production
                  cluster: posthog-production-cluster

            - name: Deploy Amazon ECS events task definition
              uses: aws-actions/amazon-ecs-deploy-task-definition@v1
              with:
                  task-definition: ${{ steps.task-def-web.outputs.task-definition }}
                  service: posthog-production-event
                  cluster: posthog-production-cluster

            - name: Deploy Amazon ECS worker task definition
              uses: aws-actions/amazon-ecs-deploy-task-definition@v1
              with:
                  task-definition: ${{ steps.task-def-worker.outputs.task-definition }}
                  service: posthog-production-worker
                  cluster: posthog-production-cluster

            - name: Deploy Amazon ECS plugins task definition
              uses: aws-actions/amazon-ecs-deploy-task-definition@v1
              with:
                  task-definition: ${{ steps.task-def-plugins.outputs.task-definition }}
                  service: posthog-production-plugins
                  cluster: posthog-production-cluster
    sentry:
        name: Notify Sentry of a production release
        runs-on: ubuntu-20.04
        steps:
            - name: Checkout master
              uses: actions/checkout@v2
            - name: Notify Sentry
              uses: getsentry/action-release@v1
              env:
                  SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
                  SENTRY_ORG: posthog
                  SENTRY_PROJECT: posthog
              with:
                  environment: production