.github/workflows/deploy.yml

name: Deploy

on:
  push:
  workflow_dispatch:
  repository_dispatch:

jobs:
  infra:
    runs-on: ubuntu-latest
    name: Infrastructure
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Use Node.js LTS
        uses: actions/setup-node@v4
        with:
          node-version: lts/*
          cache: npm

      - name: Use Terraform
        uses: hashicorp/setup-terraform@v3

      - name: Retrieve Terraform State
        uses: cloudflare/wrangler-action@v3.13.0
        with:
          command: --version
          preCommands: npx wrangler kv:namespace list | jq -r '.[] | select( .title == "dispoflare-terraform-state" ) | .id' | awk '{print "tfstate_kv="$1}' >> $GITHUB_ENV
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}

      - name: Init Terraform
        run: terraform init
        working-directory: ./.terraform

      - name: Download Terraform State
        uses: cloudflare/wrangler-action@v3.13.0
        with:
          command: --version
          preCommands: npx wrangler kv:key get --namespace-id=${{ env.tfstate_kv }} terraform.tfstate > ./.terraform/terraform.tfstate
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
          postCommands: chmod 777 ./.terraform/terraform.tfstate
        if: ${{ env.tfstate_kv != '' }}

      - name: Configure
        run: terraform plan && terraform apply -auto-approve
        working-directory: ./.terraform
        env:
          TF_VAR_cloudflare_account_id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
          TF_VAR_cloudflare_api_token: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          TF_VAR_sentry_dsn: ${{ secrets.SENTRY_DSN || '' }}

      - name: Init Terraform State
        uses: cloudflare/wrangler-action@v3.13.0
        if: ${{ env.tfstate_kv == '' }}
        with:
          command: --version
          preCommands: npx wrangler kv:namespace list | jq -r '.[] | select( .title == "dispoflare-terraform-state" ) | .id' | awk '{print "tfstate_kv="$1}' >> $GITHUB_ENV
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}

      - name: Store Terraform State
        uses: cloudflare/wrangler-action@v3.13.0
        with:
          command: kv:key put --namespace-id=${{ env.tfstate_kv }} terraform.tfstate --path=./.terraform/terraform.tfstate
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}

  app:
    runs-on: ubuntu-latest
    name: Application
    needs: infra
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Use Node.js LTS
        uses: actions/setup-node@v4
        with:
          node-version: lts/*
          cache: npm

      - name: Install NPM packages
        run: npm ci

      - name: Build Pages
        run: npm run build

      - name: Publish to Cloudflare Pages
        uses: cloudflare/wrangler-action@v3.13.0
        with:
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
          command: pages deploy build/client --branch=${{ github.head_ref || github.ref_name }} --project-name=dispoflare

      - name: Check for Sentry availability
        id: sentry-check
        shell: bash
        run: |
          if [ "${{ secrets.SENTRY_DSN }}" != '' ]; then
            echo "sentry=true" >> $GITHUB_OUTPUT;
          else
            echo "sentry=false" >> $GITHUB_OUTPUT;
          fi

      # - name: Setup Sentry
      #   if: ${{ steps.sentry-check.outputs.sentry == 'true' }}
      #   uses: cloudflare/wrangler-action@v3.13.0
      #   with:
      #     apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
      #     accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
      #     command: --version
      #     secrets: |
      #       SENTRY_DSN
      #   env:
      #     SENTRY_DSN: ${{ secrets.SENTRY_DSN }}

      - name: Publish to Cloudflare Workers
        uses: cloudflare/wrangler-action@v3.13.0
        with:
          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
        #   secrets: |
        #     CLOUDFLARE_API_TOKEN
        #     CLOUDFLARE_ACCOUNT_ID
        # env:
        #   CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
        #   CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}

      - name: Setup Cloudflare Workers
        run: |
          echo "$CLOUDFLARE_API_TOKEN" | npx wrangler secret put CLOUDFLARE_API_TOKEN
          echo "$CLOUDFLARE_ACCOUNT_ID" | npx wrangler secret put CLOUDFLARE_ACCOUNT_ID
          if [ "${{ secrets.SENTRY_DSN }}" != '' ]; then
            echo "$SENTRY_DSN" | npx wrangler secret put SENTRY_DSN
          fi
        env:
          CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
          CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}

      - name: Create a Sentry release
        uses: getsentry/action-release@v1
        continue-on-error: true
        if: ${{ steps.sentry-check.outputs.sentry == 'true' }}
        env:
          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
          SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
          SENTRY_PROJECT: ${{ vars.SENTRY_PROJECT }}
        with:
          environment: production
          sourcemaps: ./functions ./build
          set_commits: skip