name: Deploy

on:
  push:
    branches:
      - master

jobs:
  deploy:
    name: Prepare Build
    runs-on: homelab
    container: alpine:latest
    steps:
      - name: Install dependencies
        run: |
          apk update
          apk add --no-cache nodejs npm git bash openssh python3 py3-pip py3-passlib
          python3 -m pip install --user ansible  --break-system-packages
          export PATH="/root/.local/bin:$PATH"
         
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      
      - name: Deploy containers
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_KNOWN_HOSTS }}" >> ~/.ssh/known_hosts
          chmod 644 ~/.ssh/known_hosts
          eval $(ssh-agent -s)
          ssh-add <(echo "${{ secrets.SSH_PRIVATE_KEY }}")
          echo "HOST *" > ~/.ssh/config
          echo "StrictHostKeyChecking no" >> ~/.ssh/config
          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > ~/.vault_password.txt
          echo "nameserver 10.10.10.1" > /etc/resolv.conf
          ./.gitea/workflows/deploy.sh "${{ github.event.before }}" "${{ github.sha }}"