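# Deploys network configuration with Ansible, and optionally the monitoring
# stack, on every push to main. The head commit message selects what runs:
# "deploy" enables the build -> lint -> test -> deploy chain, "monitor"
# enables the monitoring job, and the deploy step picks a playbook from
# keywords in the commit subject.
name: Deploy with Ansible

on:
  push:
    branches:
      - main

# NOTE(review): workflow-level env hands all four secrets to every step of
# every job, including package installs and third-party actions that never
# use them. Consider moving each secret to a step-level `env:` on the step
# that consumes it. Kept here because the playbooks, inventory and compose
# files that may read these variables are not visible in this file.
env:
  ANSIBLE_USER: ${{ secrets.ANSIBLE_USER }}
  ANSIBLE_PASSWORD: ${{ secrets.ANSIBLE_PASSWORD }}
  GF_SECURITY_ADMIN_USER: ${{ secrets.GF_SECURITY_ADMIN_USER }}
  GF_SECURITY_ADMIN_PASSWORD: ${{ secrets.GF_SECURITY_ADMIN_PASSWORD }}

# The job token is limited to read-only access to repository contents.
permissions:
  contents: read

# NOTE(review): every job runs on a self-hosted runner. Unless the runner is
# ephemeral, packages installed and files written by one run (including
# Monitoring/.grafana.secret) persist into later runs.
# NOTE(review): `actions/checkout@v3` is a mutable tag; pinning to a full
# commit SHA (actions/checkout@<FULL_COMMIT_SHA>) keeps the action code from
# changing underneath the workflow.
jobs:
  # Job: build - installs Ansible and its Python tooling on the runner.
  build:
    name: Build
    runs-on: self-hosted
    environment: production
    # Runs only when the head commit message contains "deploy"; lint, test
    # and deploy depend on this job through `needs`.
    if: contains(github.event.head_commit.message, 'deploy')
    steps:
      # Checkout the code
      - name: Checkout
        uses: actions/checkout@v3
        with:
          # No later step talks to the remote, so do not leave the job
          # token in the local git config.
          persist-credentials: false

      # Install Ansible
      - name: Install Ansible
        run: |
          sudo apt-get update
          sudo apt-get install -y ansible

      # Install python and modules
      # NOTE(review): these installs are unpinned and three of them run pip
      # as root, so package code fetched from the index executes with root
      # privileges on the runner. Consider pinned versions from a
      # requirements file (pip's --require-hashes) inside a virtualenv.
      - name: Install Modules
        run: |
          sudo apt-get install -y python3 python3-pip
          pip3 install paramiko --no-input
          sudo pip3 install ansible-lint
          sudo pip3 install --upgrade ansible
          sudo pip3 install --upgrade ansible-core

  # Job: monitoring - installs Docker and (re)starts the monitoring stack.
  monitoring:
    name: Monitor
    runs-on: self-hosted
    environment: production
    # Runs only when the head commit message contains "monitor".
    if: contains(github.event.head_commit.message, 'monitor')
    steps:
      # Checkout the code
      - name: Checkout
        uses: actions/checkout@v3
        with:
          persist-credentials: false

      # Install Docker
      # NOTE(review): `apt-key add` is deprecated and trusts the key for
      # every apt source; a per-repository keyring referenced with
      # `signed-by=` limits it to Docker's repository. Left unchanged
      # because a runner that already carries the old source entry would
      # need that entry removed first.
      # NOTE(review): membership of the `docker` group is root-equivalent
      # on the runner host.
      - name: Install Docker
        run: |
          sudo apt-get update
          sudo apt-get install -y apt-transport-https ca-certificates curl software-properties-common
          curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
          sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable"
          sudo apt-get install -y docker-ce
          sudo usermod -aG docker "${USER}"

      # Set Grafana secrets in .grafana.secret
      # The secrets reach the script through the step environment and are
      # expanded by the shell. Pasting them into the script text with an
      # expression would let quotes, `$` or backticks in a value be
      # re-interpreted by bash.
      # NOTE(review): the file is created with the default umask; if only
      # the compose CLI reads it, `chmod 600` would be appropriate - confirm
      # how Monitoring's compose file consumes it.
      - name: Set Grafana secrets in .grafana.secret
        env:
          GF_SECURITY_ADMIN_USER: ${{ secrets.GF_SECURITY_ADMIN_USER }}
          GF_SECURITY_ADMIN_PASSWORD: ${{ secrets.GF_SECURITY_ADMIN_PASSWORD }}
        run: |
          cd Monitoring
          printf '%s\n' "GF_SECURITY_ADMIN_USER=${GF_SECURITY_ADMIN_USER}" > .grafana.secret
          printf '%s\n' "GF_SECURITY_ADMIN_PASSWORD=${GF_SECURITY_ADMIN_PASSWORD}" >> .grafana.secret

      # Install Monitoring Server
      # NOTE(review): `prom/snmp-generator:main` is a mutable tag that runs
      # under sudo with the working directory mounted; pin it by digest
      # (prom/snmp-generator@sha256:<IMAGE_DIGEST>).
      - name: Install Monitoring Server
        run: |
          cd Monitoring
          sudo docker compose up -d
          sudo docker compose start
          cd snmp-exporter
          sudo docker run --rm \
            -v "$(pwd)/mibs:/opt/mibs" \
            -v "$(pwd)/generator.yml:/opt/generator.yml" \
            -v "$(pwd):/opt" \
            prom/snmp-generator:main generate
          cd ..
          sudo docker compose restart

  # Job: lint - runs ansible-lint over each playbook in Network/.
  lint:
    name: Lint
    runs-on: self-hosted
    needs: build
    environment: production
    steps:
      # Checkout the code
      - name: Checkout
        uses: actions/checkout@v3
        with:
          persist-credentials: false

      # Run ansible-lint
      # NOTE(review): `--fix` rewrites the playbooks in this job's workspace
      # only. Nothing commits the result and the deploy job checks the
      # repository out again, so the deployed playbooks are the unfixed
      # source. Presumably the gate should lint without `--fix`; confirm
      # before changing.
      - name: Run ansible-lint
        run: |
          cd Network
          ansible-lint --fix playbook_all.yml
          ansible-lint --fix playbook_ISP.yml
          ansible-lint --fix playbook_CORE.yml
          ansible-lint --fix playbook_DIST.yml
          ansible-lint --fix playbook_ACC.yml

  # Job: test - currently only checks the code out; no tests are run, so
  # this stage adds no gate of its own between lint and deploy.
  test:
    name: Test
    runs-on: self-hosted
    needs: lint
    environment: production
    steps:
      # Checkout the code
      - name: Checkout
        uses: actions/checkout@v3
        with:
          persist-credentials: false

  # Job: deploy - runs the playbook selected by the commit subject.
  # NOTE(review): unlike the other jobs, this one declares no
  # `environment: production`. If the secrets or any approval rules are
  # scoped to that environment they do not apply here - confirm.
  deploy:
    name: Deploy
    runs-on: self-hosted
    needs: test
    steps:
      # Checkout code from repository
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # `git log` below reads the local checkout and needs no token.
          persist-credentials: false

      # Get commit message (subject line of the head commit)
      - name: Get Commit Message
        id: commit_message
        run: |
          echo "COMMIT_MSG=$(git log -1 --pretty=format:'%s')" >> "$GITHUB_ENV"

      # Run Ansible Playbook based on commit message
      # The commit subject is author-controlled text. It is read from the
      # COMMIT_MSG environment variable set by the previous step, so bash
      # treats it as data. Expanding it with an expression instead would
      # paste the text into the script before bash parses it.
      - name: Run Ansible Playbook
        run: |
          cd Network
          if [[ "$COMMIT_MSG" == *"all devices"* ]]; then
            ansible-playbook -i inventory playbook_all.yml
          elif [[ "$COMMIT_MSG" == *"ISP"* ]]; then
            ansible-playbook -i inventory playbook_ISP.yml
          elif [[ "$COMMIT_MSG" == *"CORE"* ]]; then
            ansible-playbook -i inventory playbook_CORE.yml
          elif [[ "$COMMIT_MSG" == *"DIST"* ]]; then
            ansible-playbook -i inventory playbook_DIST.yml
          elif [[ "$COMMIT_MSG" == *"ACC"* ]]; then
            ansible-playbook -i inventory playbook_ACC.yml
          else
            echo "No matching playbook found for commit message: $COMMIT_MSG"
          fi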