.github/workflows/main.yml

name: Main deployment of Chatbot lambda function

on:
  push:
    branches: [main]

jobs:
  test:
    name: Staging deployment tests
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        python-version: ["3.11"]
    env:
      OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
      OPENAI_MODEL: ${{ vars.OPENAI_MODEL }}
      GOOGLE_AI_API_KEY: ${{ secrets.GOOGLE_AI_API_KEY }}
      GOOGLE_AI_MODEL: ${{ vars.GOOGLE_AI_MODEL }}
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Set up Python ${{ matrix.python-version }}
        id: python-setup
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}

      # - name: Load cached venv
      #   id: dependencies-cache
      #   uses: actions/cache@v3
      #   with:
      #     path: .venv
      #     key: venv-${{ runner.os }}-${{ steps.python-setup.outputs.python-version }}

      - name: Create Venv if Cache not found
        # if: steps.dependencies-cache.outputs.cache-hit != 'true'
        run: |
          python -m venv .venv

      - name: Install dependencies
        # if: steps.dependencies-cache.outputs.cache-hit != 'true'
        run: |
          pip install --upgrade pip
          pip install -r requirements.txt

      - name: Run tests
        if: always()
        run: |
          source .venv/bin/activate
          pytest --junit-xml=./reports/pytest.xml --tb=auto -v

      - name: Upload test results
        uses: actions/upload-artifact@v4
        if: always()
        with:
          name: test-results
          path: ./reports/pytest.xml
          if-no-files-found: warn

  staging_job:
    name: Staging deployment of Chatbot Module to lambda function
    runs-on: ubuntu-latest
    needs: test
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.LAMBDA_CONTAINER_PIPELINE_AWS_ID }}
          aws-secret-access-key: ${{ secrets.LAMBDA_CONTAINER_PIPELINE_AWS_SECRET }}
          aws-region: eu-west-2

      - name: Login to Amazon ECR
        id: login-pf-aws-ecr
        uses: aws-actions/amazon-ecr-login@v2

      - name: Build and push the tagged docker image to Amazon ECR
        id: build-custom-image
        env:
          ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
          ECR_REPOSITORY: lambda-feedback-staging-chat
          IMAGE_TAG: latest
        run: |
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

      - name: Update aws custom lambda function code
        env:
          ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
          ECR_REPOSITORY: lambda-feedback-staging-chat
          IMAGE_TAG: latest
        run: |
          aws lambda update-function-code \
              --function-name lambda-feedback-staging-chat \
              --image-uri $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

  approval_job:
    needs: staging_job
    name: Waiting for approval
    runs-on: ubuntu-latest
    steps:
      - name: Generate token
        id: generate_token
        uses: tibdex/github-app-token@v1
        with:
          app_id: ${{ secrets.APP_ID }}
          private_key: ${{ secrets.APP_SECRET }}
      - name: Approve Production Deployment
        uses: trstringer/manual-approval@v1
        with:
          approvers: neagualexa
          # approvers: approvers
          minimum-approvals: 1
          timeout-minutes: 10
          secret: ${{ steps.generate_token.outputs.token }}
          issue-title: Approve Production Deployment
          issue-body: Approve production deployment for the Chatbot Module
          exclude-workflow-initiator-as-approver: false
          additional-approved-words: "fine, go, approved"
          additional-denied-words: "deny, stop"

  prod_job:
    needs: approval_job
    name: Prod deployment of Chatbot Module to lambda function
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.LAMBDA_CONTAINER_PIPELINE_AWS_ID }}
          aws-secret-access-key: ${{ secrets.LAMBDA_CONTAINER_PIPELINE_AWS_SECRET }}
          aws-region: eu-west-2

      - name: Login to Amazon ECR
        id: login-pf-aws-ecr
        uses: aws-actions/amazon-ecr-login@v2
      - name: Build and push the tagged docker image to Amazon ECR
        id: build-custom-image
        env:
          ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
          ECR_REPOSITORY: lambda-feedback-prod-chat
          IMAGE_TAG: latest
        run: |
          docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG

      - name: Update aws custom lambda function code
        env:
          ECR_REGISTRY: ${{ steps.login-pf-aws-ecr.outputs.registry }}
          ECR_REPOSITORY: lambda-feedback-prod-chat
          IMAGE_TAG: latest
        run: |
          aws lambda update-function-code \
              --function-name lambda-feedback-prod-chat \
              --image-uri $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG