name: Keycloak Operator CI

on:
  push:
    branches-ignore:
      - main
      - dependabot/**
  pull_request:
  schedule:
    - cron: 0 20,23,2,5 * * *
  workflow_dispatch:

env:
  DEFAULT_JDK_VERSION: 11
  DEFAULT_JDK_DIST: temurin
  MINIKUBE_VERSION: v1.28.0
  KUBERNETES_VERSION: v1.22.3

defaults:
  run:
    shell: bash

concurrency:
  # Only cancel jobs for PR updates
  group: operator-ci-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

jobs:

  conditional:
    name: Check conditional workflows and jobs
    if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak'
    runs-on: ubuntu-latest
    outputs:
      operator: ${{ steps.conditional.outputs.operator }}
    steps:
      - uses: actions/checkout@v3

      - id: conditional
        uses: ./.github/actions/conditional

  build:
    name: Build distribution
    if: needs.conditional.outputs.operator == 'true'
    runs-on: ubuntu-latest
    needs: conditional
    steps:
      - uses: actions/checkout@v3

      - name: Build Keycloak
        uses: ./.github/actions/build-keycloak
        with:
          upload-m2-repo: false
          upload-dist: true

  test-local:
    name: Test local
    runs-on: ubuntu-latest
    needs: [build]
    steps:
      - uses: actions/checkout@v3

      - name: Set version
        id: vars
        run: echo "version_local=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV

      - uses: actions/setup-java@v3
        with:
          distribution: ${{ env.DEFAULT_JDK_DIST }}
          java-version: ${{ env.DEFAULT_JDK_VERSION }}

      - name: Setup Minikube-Kubernetes
        uses: manusa/actions-setup-minikube@v2.7.2
        with:
          minikube version: ${{ env.MINIKUBE_VERSION }}
          kubernetes version: ${{ env.KUBERNETES_VERSION }}
          github token: ${{ secrets.GITHUB_TOKEN }}
          driver: docker
          start args: --addons=ingress

      - name: Download keycloak distribution
        id: download-keycloak-dist
        uses: actions/download-artifact@v3
        with:
          name: keycloak-dist
          path: quarkus/container

      - name: Build Keycloak Docker images
        run: |
          eval $(minikube -p minikube docker-env)
          (cd quarkus/container && docker build --build-arg KEYCLOAK_DIST=$(ls keycloak-*.tar.gz) . -t keycloak:${{ env.version_local }})
          (cd operator && ./scripts/build-testing-docker-images.sh ${{ env.version_local }} keycloak custom-keycloak)

      - name: Test operator running locally
        run: |
          mvn install -Poperator -pl :keycloak-operator -am \
              -Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
              -Doperator.keycloak.image=keycloak:${{ env.version_local }} \
              -Dtest.operator.custom.image=custom-keycloak:${{ env.version_local }} \
              -Doperator.keycloak.image-pull-policy=Never \
              -Dtest.operator.kubernetes.ip=$(minikube ip)

  test-remote:
    name: Test remote
    runs-on: ubuntu-latest
    needs: [build]
    steps:
      - uses: actions/checkout@v3

      - name: Set version
        id: vars
        run: echo "version_remote=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV

      - uses: actions/setup-java@v3
        with:
          distribution: ${{ env.DEFAULT_JDK_DIST }}
          java-version: ${{ env.DEFAULT_JDK_VERSION }}

      - name: Setup Minikube-Kubernetes
        uses: manusa/actions-setup-minikube@v2.7.2
        with:
          minikube version: ${{ env.MINIKUBE_VERSION }}
          kubernetes version: ${{ env.KUBERNETES_VERSION }}
          github token: ${{ secrets.GITHUB_TOKEN }}
          driver: docker
          start args: --addons=ingress

      - name: Download keycloak distribution
        id: download-keycloak-dist
        uses: actions/download-artifact@v3
        with:
          name: keycloak-dist
          path: quarkus/container

      - name: Build Keycloak Docker images
        run: |
          eval $(minikube -p minikube docker-env)
          (cd quarkus/container && docker build --build-arg KEYCLOAK_DIST=$(ls keycloak-*.tar.gz) . -t keycloak:${{ env.version_remote }})
          (cd operator && ./scripts/build-testing-docker-images.sh ${{ env.version_remote }} keycloak custom-keycloak)

      - name: Test operator running in cluster
        run: |
          eval $(minikube -p minikube docker-env)
          mvn install -Poperator -pl :keycloak-operator -am \
              -Dquarkus.container-image.build=true \
              -Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
              -Doperator.keycloak.image=keycloak:${{ env.version_remote }} \
              -Dquarkus.jib.jvm-arguments="-Djava.util.logging.manager=org.jboss.logmanager.LogManager","-Doperator.keycloak.image-pull-policy=Never" \
              -Dtest.operator.custom.image=custom-keycloak:${{ env.version_remote }} \
              --no-transfer-progress -Dtest.operator.deployment=remote \
              -Dtest.operator.kubernetes.ip=$(minikube ip)

  test-olm:
    name: Test OLM installation
    runs-on: ubuntu-latest
    needs: [build]
    steps:
      - uses: actions/checkout@v3

      - uses: actions/setup-java@v3
        with:
          distribution: ${{ env.DEFAULT_JDK_DIST }}
          java-version: ${{ env.DEFAULT_JDK_VERSION }}

      - name: Setup Minikube-Kubernetes
        uses: manusa/actions-setup-minikube@v2.7.2
        with:
          minikube version: ${{ env.MINIKUBE_VERSION }}
          kubernetes version: ${{ env.KUBERNETES_VERSION }}
          github token: ${{ secrets.GITHUB_TOKEN }}
          driver: docker

      - name: Install OPM
        uses: redhat-actions/openshift-tools-installer@v1
        with:
          source: github
          opm: 1.21.0

      - name: Install Yq
        run: sudo snap install yq

      - name: Install OLM
        working-directory: operator
        run: ./scripts/install-olm.sh

      - name: Download keycloak distribution
        id: download-keycloak-dist
        uses: actions/download-artifact@v3
        with:
          name: keycloak-dist
          path: quarkus/container

      - name: Arrange OLM test installation
        working-directory: operator
        run: |
          eval $(minikube -p minikube docker-env)
          ./scripts/olm-testing.sh ${GITHUB_SHA::6}

      - name: Deploy an example Keycloak and wait for it to be ready
        working-directory: operator
        run: |
          kubectl apply -f src/main/resources/example-postgres.yaml
          ./scripts/check-crds-installed.sh
          kubectl apply -f src/main/resources/example-db-secret.yaml
          kubectl apply -f src/main/resources/example-tls-secret.yaml
          kubectl apply -f src/main/resources/example-keycloak.yaml
          kubectl apply -f src/main/resources/example-realm.yaml
          # Wait for the CRs to be ready
          ./scripts/check-examples-installed.sh

  check-set-status:
    name: Set check conclusion
    needs:
      - test-local
      - test-remote
      - test-olm
    runs-on: ubuntu-latest
    outputs:
      conclusion: ${{ steps.check.outputs.conclusion }}

    steps:
      - uses: actions/checkout@v3

      - id: check
        uses: ./.github/actions/checks-success

  check:
    name: Status Check - Keycloak Operator CI
    if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' )
    needs:
      - conditional
      - check-set-status
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@v3

      - name: Check status
        uses: ./.github/actions/checks-job-pass
        with:
          required: ${{ needs.conditional.outputs.operator }}
          conclusion: ${{ needs.check-set-status.outputs.conclusion }}