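# Deploys the ChainID 138 stack (infrastructure, Kubernetes, Blockscout, contracts,
# Cloudflare DNS) by running the scripts under scripts/deployment/.
#
# Triggers:
#   - workflow_dispatch: manual run with an environment choice and per-stage skip flags.
#   - push to main touching the deployment scripts, terraform/, k8s/ or this workflow;
#     no inputs exist on push, so the environment falls back to 'staging'.
#
# NOTE(review): every `uses:` below is pinned to a mutable tag (@v1/@v3/@v4). This job
# holds cloud credentials and a signing key, so pinning each action to a full commit
# SHA would stop a retagged release from running with those secrets.
# NOTE(review): no `permissions:` block is set, so GITHUB_TOKEN keeps the repository
# default scope. Consider `permissions: contents: read` once it is confirmed that none
# of the deployment scripts push to the repository.
name: Deploy ChainID 138

on:
  workflow_dispatch:
    inputs:
      environment:
        description: 'Deployment environment'
        required: true
        default: 'staging'
        type: choice
        options:
          - staging
          - production
      skip_infrastructure:
        description: 'Skip infrastructure deployment'
        required: false
        default: false
        type: boolean
      skip_kubernetes:
        description: 'Skip Kubernetes deployment'
        required: false
        default: false
        type: boolean
      skip_blockscout:
        description: 'Skip Blockscout deployment'
        required: false
        default: false
        type: boolean
      skip_contracts:
        description: 'Skip contract deployment'
        required: false
        default: false
        type: boolean
      skip_cloudflare:
        description: 'Skip Cloudflare DNS configuration'
        required: false
        default: false
        type: boolean
  push:
    branches:
      - main
    paths:
      - 'scripts/deployment/**'
      - 'terraform/**'
      - 'k8s/**'
      - '.github/workflows/deploy.yml'

# NOTE(review): workflow-level env exposes every secret, including PRIVATE_KEY, to all
# steps and to the third-party actions they run. Moving each variable to the `env:` of
# the steps that need it would narrow that exposure; it is kept here because the
# deployment scripts' own requirements are not visible in this file.
env:
  AZURE_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
  AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
  AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
  AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
  AZURE_RESOURCE_GROUP: ${{ secrets.AZURE_RESOURCE_GROUP }}
  CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
  CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
  PRIVATE_KEY: ${{ secrets.PRIVATE_KEY }}
  RPC_URL: ${{ secrets.RPC_URL }}
  EXPLORER_URL: ${{ secrets.EXPLORER_URL }}

jobs:
  deploy:
    name: Deploy ChainID 138
    runs-on: ubuntu-latest
    # Binds the job to the chosen GitHub environment (its secrets and protection
    # rules); push-triggered runs have no input and use 'staging'.
    environment: ${{ github.event.inputs.environment || 'staging' }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Azure CLI
        uses: azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Set up Terraform
        uses: hashicorp/setup-terraform@v3
        with:
          terraform_version: '1.6.0'

      # `version` is an action input, so it has to sit under `with:`; as a bare step
      # key it is rejected by the workflow schema.
      # NOTE(review): 'latest' makes the deployed toolchain change between runs;
      # pinning an exact version keeps deployments reproducible.
      - name: Set up kubectl
        uses: azure/setup-kubectl@v3
        with:
          version: 'latest'

      - name: Set up Helm
        uses: azure/setup-helm@v3
        with:
          version: 'latest'

      # NOTE(review): the nightly Foundry channel is a moving toolchain that later
      # signs transactions with PRIVATE_KEY; a pinned release would be auditable.
      - name: Set up Foundry
        uses: foundry-rs/foundry-toolchain@v1
        with:
          version: nightly

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'

      # NOTE(review): ajv-cli is installed globally without a version pin.
      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y jq curl dnsutils
          npm install -g ajv-cli

      - name: Make scripts executable
        run: chmod +x scripts/deployment/*.sh

      # Values are read from the step's environment by the shell instead of being
      # templated into the script text with ${{ }}. Templating pastes the raw secret
      # into the script, where the unquoted heredoc would then expand any `$` or
      # backtick it contains. umask keeps the file readable by the runner user only.
      # NOTE(review): .env holds PRIVATE_KEY in plaintext on the runner; keep it out
      # of the uploaded artifact paths and confirm deployment.log does not echo it.
      - name: Create .env file
        run: |
          umask 077
          cat > .env << EOF
          AZURE_SUBSCRIPTION_ID=${AZURE_SUBSCRIPTION_ID}
          AZURE_TENANT_ID=${AZURE_TENANT_ID}
          AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
          AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET}
          AZURE_RESOURCE_GROUP=${AZURE_RESOURCE_GROUP}
          CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN}
          CLOUDFLARE_ZONE_ID=${CLOUDFLARE_ZONE_ID}
          PRIVATE_KEY=${PRIVATE_KEY}
          RPC_URL=${RPC_URL}
          EXPLORER_URL=${EXPLORER_URL}
          EOF

      # github.event.inputs.* values are strings, so `!github.event.inputs.skip_x`
      # is false for the string 'false' and the stage would be skipped on every
      # manual run. Comparing with 'true' runs the stage unless the flag is set, and
      # also runs it on push, where the input is absent.
      #
      # NOTE(review): continue-on-error is set on every stage below, including the
      # verification step, so a failed stage neither stops later stages nor fails the
      # job. Kept as written in case best-effort is intended; for production,
      # confirm that contracts should still deploy after an infrastructure failure.
      - name: Deploy infrastructure
        if: ${{ github.event.inputs.skip_infrastructure != 'true' }}
        run: |
          ./scripts/deployment/deploy-all.sh \
            --skip-kubernetes \
            --skip-blockscout \
            --skip-contracts \
            --skip-cloudflare
        continue-on-error: true

      - name: Configure Cloudflare DNS
        if: ${{ github.event.inputs.skip_cloudflare != 'true' }}
        run: |
          set -euo pipefail

          # Get Application Gateway IP
          APP_GATEWAY_NAME=$(cd terraform && terraform output -raw app_gateway_name)
          PUBLIC_IP_ID=$(az network application-gateway show \
            --resource-group "$AZURE_RESOURCE_GROUP" \
            --name "$APP_GATEWAY_NAME" \
            --query "frontendIPConfigurations[0].publicIpAddress.id" \
            -o tsv)
          # The resource id is passed straight to --ids. Piping it through xargs
          # appended it after `-o tsv`, which left --ids without a value.
          APP_GATEWAY_IP=$(az network public-ip show \
            --ids "$PUBLIC_IP_ID" \
            --query ipAddress \
            -o tsv)
          if [ -z "$APP_GATEWAY_IP" ]; then
            echo "Could not resolve the Application Gateway public IP" >&2
            exit 1
          fi

          # NOTE(review): --api-token puts the token on the process command line;
          # having the script read CLOUDFLARE_API_TOKEN from the environment would
          # avoid that.
          ./scripts/deployment/cloudflare-dns.sh \
            --zone-id "$CLOUDFLARE_ZONE_ID" \
            --api-token "$CLOUDFLARE_API_TOKEN" \
            --ip "$APP_GATEWAY_IP"
        continue-on-error: true

      - name: Deploy Kubernetes resources
        if: ${{ github.event.inputs.skip_kubernetes != 'true' }}
        run: |
          ./scripts/deployment/deploy-all.sh \
            --skip-infrastructure \
            --skip-blockscout \
            --skip-contracts \
            --skip-cloudflare
        continue-on-error: true

      - name: Deploy Blockscout
        if: ${{ github.event.inputs.skip_blockscout != 'true' }}
        run: |
          ./scripts/deployment/deploy-all.sh \
            --skip-infrastructure \
            --skip-kubernetes \
            --skip-contracts \
            --skip-cloudflare
        continue-on-error: true

      - name: Deploy contracts
        if: ${{ github.event.inputs.skip_contracts != 'true' }}
        run: |
          ./scripts/deployment/deploy-all.sh \
            --skip-infrastructure \
            --skip-kubernetes \
            --skip-blockscout \
            --skip-cloudflare
        continue-on-error: true

      - name: Update token list
        if: ${{ github.event.inputs.skip_contracts != 'true' }}
        run: |
          ./scripts/deployment/update-token-list.sh
        continue-on-error: true

      - name: Verify deployment
        run: |
          ./scripts/deployment/verify-deployment.sh
        continue-on-error: true

      # Runs even when earlier steps failed so the logs and report are kept.
      - name: Upload deployment artifacts
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: deployment-artifacts
          path: |
            contracts-deployed.json
            deployment.log
            deployment-verification-report.md
          retention-days: 30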