.github/workflows/backend-prod-cd.yml

name: Backend Prod CD

on:
  workflow_dispatch:
  push:
    branches: [ 'main' ]

jobs:
  detect-changes:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: read
    outputs:
      backend: ${{ steps.filter.outputs.backend }}
      frontend: ${{ steps.filter.outputs.frontend }}
      manual: ${{ steps.manual-check.outputs.manual }}
    steps:
      - id: manual-check
        if: ${{ github.event_name == 'workflow_dispatch' }}
        run: echo "manual=true" >> "$GITHUB_OUTPUT"

      - uses: actions/checkout@v4  # Push 이벤트이기 때문에 checkout 해야 함
        with:
          ref: main
          submodules: recursive
          token: ${{ secrets.PAT_TOKEN }}
      - uses: dorny/paths-filter@v3
        if: ${{ github.event_name != 'workflow_dispatch' }}
        id: filter
        with:
          base: 'main'  # 해당 브랜치의 last commit과 변경점 비교
          filters: |
            backend:
              - 'backend/**'
            frontend:
              - 'frontend/**'
  be-build:
    needs: detect-changes
    if: ${{ needs.detect-changes.outputs.backend == 'true' || needs.detect-changes.outputs.manual == 'true' }}
    runs-on: ubuntu-latest
    defaults:
      run:
        shell: bash
        working-directory: ./backend
    permissions:
      contents: read
      packages: write

    steps:
      - uses: actions/checkout@v4
        with:
          ref: main
      - name: Set up JDK 17
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'temurin'
          cache: gradle
      
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3 
        
      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@v3

      - name: Grant gradlew execute permission
        run: chmod +x ./gradlew

      - name: Build with Gradle (clean)
        run: ./gradlew clean bootJar
      
      # DockerHub 로그인
      - name: Docker login
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # Docker 이미지 빌드 & 푸시
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          context: ./backend
          file: ./backend/Dockerfile
          push: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod
          platforms: |
            linux/amd64
            linux/arm64

  be-depoly:
    needs: be-build
    runs-on: [ self-hosted, linux, prod ]
    defaults:
      run:
        shell: bash
        working-directory: ./

    steps:
      - name: checkout security submodule
        uses: actions/checkout@v4
        with:
          repository: woowacourse-teams/2024-momo-config
          token: ${{ secrets.PAT_TOKEN }}

      - name: copy security config
        run: mkdir -p $HOME/security; \cp -f *.yml ~/security

      # 1. 최신 도커 이미지 pull
      - name: docker pull
        run: docker pull ${{ secrets.DOCKERHUB_USERNAME }}/momo-api-prod

      # 2. 블루그린 배포 스크립트 실행
      - name: Launch Blue-Green Deployment
        run: chmod +x $HOME/security/deploy.sh; $HOME/security/deploy.sh

      # 3. 미사용 이미지 정리
      - name: delete old docker image
        run: docker system prune -f