name: Build & Deploy

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  infrastructure:
    name: Build Infrastructure
    runs-on: ubuntu-latest

    steps:
      - name: Checkout to Repository
        uses: actions/checkout@v2

      - name: Set-up Terraform
        uses: hashicorp/setup-terraform@v2

      - name: Format Terraform
        run: terraform fmt -check
        working-directory: ./terraform

      - name: Initialize Terraform Back-end
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: terraform init
        working-directory: ./terraform

      - name: Terraform Plan
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: terraform plan -out=tfplan -no-color
        working-directory: ./terraform

      - name: Check if there are changes
        id: check_changes
        run: |
          if [ -n "$(terraform show -no-color tfplan | grep -E 'No changes.')" ]; then
            echo "No changes detected."
            echo "::set-output name=changes::false"
          else
            echo "Changes detected."
            echo "::set-output name=changes::true"
          fi
        working-directory: ./terraform

      - name: Terraform Apply
        if: ${{ (steps.check_changes.outputs.changes == 'true') && (github.ref == 'refs/heads/main') }}
        run: terraform apply -auto-approve tfplan
        working-directory: ./terraform
  
  build:
    name: Deploy Application
    runs-on: ubuntu-latest
    steps:
      - name: Checkout to Repository
        uses: actions/checkout@v4

      - name: Lint Playbooks
        uses: ansible/ansible-lint@main
        with:
          setup_python: true
          working_directory: ./playbooks
          requirements_file: ../requirements.txt