name: CI

on:
  push:
    branches:
      - main
      - gcloud

env:
  PROJECT_ID: zealous-zebra

jobs:
  build:
    name: Google Cloud / Test, Build, and Deploy
    runs-on: ubuntu-latest
    steps:

    - name: Checkout
      uses: actions/checkout@master

    - name: Set project and image names
      run: |
        SHORT_BRANCH_NAME=$(expr $GITHUB_REF : '.*/\(.*\)') && \
        SHORT_BRANCH_NAME=${SHORT_BRANCH_NAME,,} && \
        BRANCH_NAME=$GITHUB_REPOSITORY/$SHORT_BRANCH_NAME && \
        BRANCH_NAME=${BRANCH_NAME,,} && \
        echo "::set-env name=SHORT_BRANCH_NAME::$SHORT_BRANCH_NAME" && \
        echo "::set-env name=BRANCH_NAME::$BRANCH_NAME" && \
        echo "::set-env name=SHA7::$(git rev-parse --short=7 $GITHUB_SHA)"

    # Setup gcloud CLI
    - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
      with:
        version: '295.0.0'
        project_id: ${{ env.PROJECT_ID }}
        service_account_key: ${{ secrets.GCLOUD_AUTH }}

    # Build and push image to Google Container Registry
    - name: Build
      # Tagging w/ the commit SHA blocks the :latest tag on GCR
      run: |
        gcloud builds submit \
          --tag "gcr.io/$PROJECT_ID/$BRANCH_NAME:$SHA7" \
          --machine-type n1-highcpu-32 \
          --timeout 3600s \

    # Create instance template from container image
    - name: Create instance template
      run: |
        gcloud compute instance-templates create-with-container "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
          --container-image "gcr.io/$PROJECT_ID/$BRANCH_NAME:$SHA7" \
          --machine-type n1-highmem-8 \
          --service-account cos-vm@zealous-zebra.iam.gserviceaccount.com \
          --scopes cloud-platform \
          --tags zebrad \

    # Run once: create firewall rule to allow healthchecks
    # - name: Create healthcheck firewall rule
    #   run: |
    #     gcloud compute firewall-rules create "allow-tracing-health-check" \
    #     --target-tags zebrad \
    #     --allow tcp:3000 \
    #     --source-ranges 130.211.0.0/22,35.191.0.0/16 \
    #     --description="Allow HTTP requests to our tracing endpoint from Google's probes" \

    # Run once: create firewall rule to allow incoming traffic to the nodes
    # - name: Create Zcash incoming traffic firewall rule
    #   run: |
    #     gcloud compute firewall-rules create "allow-zcash" \
    #     --target-tags zebrad \
    #     --allow tcp:8233,tcp:18233 \
    #     --source-ranges 0.0.0.0/0 \
    #     --description="Allow incoming Zcash traffic from anywhere" \

    # Deploy managed instance group using the new instance template
    # - name: Deploy managed instance group
    #   run: |
    #     gcloud compute instance-groups managed create \
    #       "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
    #       --template "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
    #       --health-check zebrad-tracing-filter \
    #       --initial-delay 30 \
    #       --region us-central1 \
    #       --size 2

    # Rolls out update to existing group using the new instance template
    - name: Update managed instance group
      run: |
        gcloud compute instance-groups managed rolling-action start-update \
          "zebrad-$SHORT_BRANCH_NAME" \
          --version template="zebrad-$SHORT_BRANCH_NAME-$SHA7" \
          --region us-central1 \