---
name: "e2e"

on:
  workflow_dispatch:
  pull_request:
    branches: ["main"]
    paths-ignore:
      - kubernetes/**

concurrency:
  group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
  cancel-in-progress: true

jobs:
  configure:
    if: ${{ github.repository == 'onedr0p/cluster-template' }}
    name: configure
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        config-files:
          - public
          - private
    steps:
      - name: Checkout
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Setup mise
        uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1
        env:
          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
        with:
          cache: false

      - name: Run init task
        run: task init

      - name: Prepare files
        run: |
          cp ./.github/tests/${{ matrix.config-files }}.yaml cluster.yaml
          cp ./.github/tests/nodes.yaml nodes.yaml
          echo '{"AccountTag":"fake","TunnelSecret":"fake","TunnelID":"fake"}' > cloudflare-tunnel.json
          touch kubeconfig

      - name: Run configure task
        run: task configure --yes

      - name: Run generate talconfig task
        run: |
          FILENAME=talos/talsecret.sops.yaml
          talhelper gensecret | sops --filename-override $FILENAME --encrypt /dev/stdin > $FILENAME
          task talos:generate-config

      - name: Run flux-local test
        uses: docker://ghcr.io/allenporter/flux-local:v8.1.0@sha256:37c3c4309a351830b04f93c323adfcb0e28c368001818cd819cbce3e08828261
        with:
          args: test --enable-helm --all-namespaces --path /github/workspace/kubernetes/flux/cluster -v

      - name: Dry run bootstrap talos task
        run: task bootstrap:talos --dry

      - name: Dry run bootstrap apps task
        run: task bootstrap:apps --dry

      - name: Run reset task
        run: task template:reset --yes

      - name: Run cleanup task
        run: task template:tidy --yes