name: bootstrap

on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

jobs:
  github:
    runs-on: ubuntu-latest
    if: (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) && github.actor != 'dependabot[bot]'
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Restore Go cache
        uses: actions/cache@v3
        with:
          path: ~/go/pkg/mod
          key: ${{ runner.os }}-go1.18-${{ hashFiles('**/go.sum') }}
          restore-keys: |
            ${{ runner.os }}-go1.18-
      - name: Setup Go
        uses: actions/setup-go@v3
        with:
          go-version: 1.19.x
      - name: Setup Kubernetes
        uses: engineerd/setup-kind@v0.5.0
        with:
          version: v0.16.0
          image: kindest/node:v1.25.2@sha256:9be91e9e9cdf116809841fc77ebdb8845443c4c72fe5218f3ae9eb57fdb4bace
      - name: Setup Kustomize
        uses: fluxcd/pkg//actions/kustomize@main
      - name: Build
        run: |
          make cmd/flux/.manifests.done
          go build -o /tmp/flux ./cmd/flux
      - name: Set outputs
        id: vars
        run: |
          REPOSITORY_NAME=${{ github.event.repository.name }}
          BRANCH_NAME=${GITHUB_REF##*/}
          COMMIT_SHA=$(git rev-parse HEAD)
          PSEUDO_RAND_SUFFIX=$(echo "${BRANCH_NAME}-${COMMIT_SHA}" | shasum | awk '{print $1}')
          TEST_REPO_NAME="${REPOSITORY_NAME}-${PSEUDO_RAND_SUFFIX}"
          echo "::set-output name=test_repo_name::$TEST_REPO_NAME"
      - name: bootstrap init
        run: |
          /tmp/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
          --repository=${{ steps.vars.outputs.test_repo_name }} \
          --branch=main \
          --path=test-cluster \
          --team=team-z
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: bootstrap no-op
        run: |
          /tmp/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
          --repository=${{ steps.vars.outputs.test_repo_name }} \
          --branch=main \
          --path=test-cluster \
          --team=team-z
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: bootstrap customize
        run: |
          make setup-bootstrap-patch
          /tmp/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
          --repository=${{ steps.vars.outputs.test_repo_name }} \
          --branch=main \
          --path=test-cluster \
          --team=team-z
          if [ $(kubectl get deployments.apps source-controller -o jsonpath='{.spec.template.spec.securityContext.runAsUser}') != "10000" ]; then
          echo "Bootstrap not customized as controller is not running as user 10000" && exit 1
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
          GITHUB_REPO_NAME: ${{ steps.vars.outputs.test_repo_name }}
          GITHUB_ORG_NAME: fluxcd-testing
      - name: libgit2
        run: |
          /tmp/flux create source git test-libgit2 \
          --url=ssh://git@github.com/fluxcd-testing/${{ steps.vars.outputs.test_repo_name }} \
          --git-implementation=libgit2 \
          --secret-ref=flux-system \
          --branch=main
      - name: uninstall
        run: |
          /tmp/flux uninstall -s --keep-namespace
          kubectl delete ns flux-system --timeout=10m --wait=true
      - name: test image automation
        run: |
          make setup-image-automation
          /tmp/flux bootstrap github --manifests ./manifests/install/ \
          --owner=fluxcd-testing \
          --repository=${{ steps.vars.outputs.test_repo_name }} \
          --branch=main \
          --path=test-cluster \
          --read-write-key
          /tmp/flux reconcile image repository podinfo
          /tmp/flux reconcile image update flux-system
          /tmp/flux get images all
          
          retries=10
          count=0
          ok=false
          until ${ok}; do
              /tmp/flux get image update flux-system | grep 'commit' && ok=true || ok=false
              count=$(($count + 1))
              if [[ ${count} -eq ${retries} ]]; then
                  echo "No more retries left"
                  exit 1
              fi
              sleep 6
              /tmp/flux reconcile image update flux-system
          done
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
          GITHUB_REPO_NAME: ${{ steps.vars.outputs.test_repo_name }}
          GITHUB_ORG_NAME: fluxcd-testing
      - name: delete repository
        if: ${{ always() }}
        run: |
          curl \
            -X DELETE \
            -H "Accept: application/vnd.github.v3+json" \
            -H "Authorization: token ${GITHUB_TOKEN}" \
            --fail --silent \
            https://api.github.com/repos/fluxcd-testing/${{ steps.vars.outputs.test_repo_name }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITPROVIDER_BOT_TOKEN }}
      - name: Debug failure
        if: failure()
        run: |
          kubectl -n flux-system get all
          kubectl -n flux-system logs deploy/source-controller
          kubectl -n flux-system logs deploy/kustomize-controller