.github/workflows/pos-app-build-production.yml

name: Promote-to-production
on:
  repository_dispatch:
    types:
      - Kustomization/config-supermarket-pos-contosopos.contoso-supermarket

permissions:
  contents: write
  pull-requests: write

jobs:
  promote-to-production:
    runs-on: ubuntu-latest
    if: |
      github.event.client_payload.metadata.summary == 'env=canary' && github.event.client_payload.severity == 'info' && contains(github.event.client_payload.message,'Health check passed')

    steps:
    - name: 'Checkout repository'
      uses: actions/checkout@v4

    - name: 'Login to ACR'
      uses: azure/docker-login@v1
      with:
        login-server: "${{ secrets.ACR_NAME }}.azurecr.io"
        username: ${{ secrets.SPN_CLIENT_ID }}
        password: ${{ secrets.SPN_CLIENT_SECRET }}

    - name: Get latest Canary Image Tag
      id: latestImageTag
      env:
        ACR_NAME: ${{ secrets.ACR_NAME }}
        namespace: "canary"
      run: |
        az login --service-principal --username ${{ secrets.SPN_CLIENT_ID }} --password=${{ secrets.SPN_CLIENT_SECRET }} --tenant ${{ secrets.SPN_TENANT_ID }}
        LATEST_TAG=$(az acr repository show-tags --name $ACR_NAME --repository $namespace/contoso-supermarket/pos --orderby time_desc --top 1 --output tsv)
        echo $LATEST_TAG
        echo "latest_tag=$LATEST_TAG" >> $GITHUB_OUTPUT

    - name: Get latest Production Image Tag
      id: prodLatestImageTag
      env:
        ACR_NAME: ${{ secrets.ACR_NAME }}
        namespace: "production"
      run: |
        az login --service-principal --username ${{ secrets.SPN_CLIENT_ID }} --password=${{ secrets.SPN_CLIENT_SECRET }} --tenant ${{ secrets.SPN_TENANT_ID }}
        PROD_LATEST_TAG=$(az acr repository show-tags --name $ACR_NAME --repository $namespace/contoso-supermarket/pos --orderby time_desc --top 1 --output tsv)
        echo $PROD_LATEST_TAG
        echo "latest_tag=$PROD_LATEST_TAG" >> $GITHUB_OUTPUT

    - name: Run integration tests
      uses: mscoutermarsh/ascii-art-action@master
      env:
        latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }}
        prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }}
      if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}}
      with:
        text: 'Integration tests complete!'

    - name: 'Build and push new images'
      env:
        latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }}
        namespace: "production"
        prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }}
      if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}}
      run: |
        docker build ./contoso_supermarket/developer/pos/src -t "${{ secrets.ACR_NAME }}.azurecr.io/$namespace/contoso-supermarket/pos:$latest_tag"
        docker push ${{ secrets.ACR_NAME }}.azurecr.io/$namespace/contoso-supermarket/pos:$latest_tag

    - name: 'Checkout production branch'
      uses: actions/checkout@v4
      env:
        latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }}
        prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }}
      if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}}
      with:
        ref: 'production'

    - name: 'Update Image tag on production branch and submit PR'
      env:
        latest_tag: ${{ steps.latestImageTag.outputs.latest_tag }}
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        prod_latest_tag: ${{ steps.prodLatestImageTag.outputs.latest_tag }}
      if: ${{ env.latest_tag != 'v1.0' && env.prod_latest_tag != env.latest_tag}}
      run: |
        FILE_PATH=$(find . -name "seattle.yaml")
        newLine="    image_tag: $latest_tag"
        if [ ! -z "$FILE_PATH" ]; then
          sed -i "s/.*image_tag.*/$newLine/" $FILE_PATH
        else
          echo "seattle.yaml not found"
        fi
        git config --global user.name "GitHub Action"
        git config --global user.email "action@github.com"
        newBranch="update-production-image-tag-${latest_tag}"
        git checkout -b $newBranch production
        git config pull.rebase false
        git add --all
        git commit -m "Update Image Tag on production to $latest_tag"
        git push --set-upstream origin $newBranch
        gh pr create --title "Update production Image Tag to $latest_tag" --body "Update production Image Tag to $latest_tag" --base production