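---
# Taskfile (go-task) for building, deploying and operating the stack.
#
# Layout restored to one key per line: collapsed onto a single line, everything
# after the first '#' is a YAML comment and the file parses as `version: 3` only.
#
# The config/*.secret.* files read below hold domain names, instance ids and
# AWS credentials. Keep them out of version control and readable only by the
# operator account.
version: '3'

# silent: true

vars:
  # Dynamic vars: each `sh` command runs when the Taskfile is evaluated.
  # `jq -r` prints the literal string "null" when the key is absent, so a
  # missing key is not reported as an error here.
  DOMAIN:
    sh: jq -r .domain < config/variables.secret.tf.json
  SUB_DOMAIN:
    sh: jq -r .subdomain < config/variables.secret.tf.json
  FULL_DOMAIN: '{{.SUB_DOMAIN}}.{{.DOMAIN}}'

includes:
  # Terraform tasks live in ./terraform and run with that directory as cwd.
  tf:
    taskfile: terraform
    dir: terraform

tasks:
  # Local development stack.
  dev: docker compose -f compose.dev.yml up --build --force-recreate --no-deps

  build: ansible-playbook playbooks/build.yml

  deploy: ansible-playbook playbooks/deploy.yml

  # BUCKET and KEY are supplied by the caller. They are expanded into the shell
  # command line before it runs, so the values must come from a trusted source;
  # whitespace or quotes in them change how ansible parses the extra vars.
  # NOTE(review): consider declaring both as required variables so an empty
  # value fails before the playbook starts.
  restore: ansible-playbook playbooks/restore.yml -e "restore_bucket={{.BUCKET}} restore_key={{.KEY}}"

  # Build, then deploy.
  run:
    - task: build
    - task: deploy

  # Open an SSM session on the instance recorded in the Terraform outputs.
  enter:
    # Quoted so an unexpected value cannot be word-split into extra arguments.
    cmd: aws ssm start-session --target "$INSTANCE_ID"
    env:
      INSTANCE_ID:
        sh: jq -r .instance_id.value < config/infrastructure.secret.tf.json
      AWS_REGION:
        sh: jq -r .aws_region < config/ansible.secret.json
      # Access keys are read from disk and exported into the environment of the
      # aws CLI process.
      # NOTE(review): if these are long-lived IAM user keys, a named profile or
      # short-lived credentials would narrow the exposure - confirm.
      AWS_ACCESS_KEY_ID:
        sh: jq -r .aws_access_key < config/ansible.secret.json
      AWS_SECRET_ACCESS_KEY:
        sh: jq -r .aws_secret_key < config/ansible.secret.json

  # Build the multi-arch Gitea image and push it to the project registry.
  push:
    dir: gitea
    vars:
      # NOTE(review): `latest` is a mutable tag; deployments that pull it cannot
      # be tied back to a specific build.
      TAG: '{{.FULL_DOMAIN}}/web/gitea:latest'
    cmds:
      - docker login '{{.FULL_DOMAIN}}' -u max
      # Log out of the registry that was logged into. A bare `docker logout`
      # targets the default registry and would leave the credential for
      # FULL_DOMAIN in the Docker config after the task ends.
      - defer: docker logout '{{.FULL_DOMAIN}}'
      # --provenance=false turns off BuildKit provenance attestations.
      # NOTE(review): confirm this is intentional; it removes build-origin
      # metadata from the pushed image.
      - docker buildx build -t '{{.TAG}}' -f Dockerfile --platform linux/amd64,linux/arm64 --push --provenance=false .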