deploy-push-test.yaml

name: Deploy Functions to CDF project using OIDC
on:
  push:
    branches:
      - test

jobs:
  generate-matrix:
    uses: "./.github/workflows/generate-matrix.yaml"
    with:
      deploy_folders: >-
        (
        "example_function1"
        "example_function2"
        )
      trigger_deploy_all_folders: >-
        (
        "common"
        )

  deploy:
    needs: generate-matrix
    name: Deploy to Cognite Functions
    runs-on: ubuntu-latest
    strategy:
      matrix:
        function: ${{ fromJson(needs.generate-matrix.outputs.folders) }}
    steps:
      - uses: actions/checkout@v3.1.0
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}

      - name: Extract service name
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}
        shell: bash
        run: |
          name=$(echo ${GITHUB_REF#refs/heads/} | sed -e s/_/-/g)
          under_name=$(echo ${GITHUB_REF#refs/heads/} | sed -e s/-/_/g)
          echo "name=${name}" >> $GITHUB_OUTPUT
          echo "under_name=${under_name}" >> $GITHUB_OUTPUT
        id: extract_name

      - name: Resolve secrets
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}
        shell: bash
        env:
          BRANCH: ${{ steps.extract_name.outputs.under_name }}
        # Secret names should contain branch name with hyphens (if applicable)
        run: |
          echo "deployment_secret=deploy_${BRANCH}" >> $GITHUB_OUTPUT
          echo "schedules_secret=schedules_${BRANCH}" >> $GITHUB_OUTPUT
          echo "extra_secret=secrets_${{ matrix.function }}_${BRANCH}" >> $GITHUB_OUTPUT
        id: extract_secrets

      - name: Install yq
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}
        run: |
            sudo wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.27.5/yq_linux_amd64
            sudo chmod +x /usr/local/bin/yq

      - name: Extract config file parameters
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}
        shell: bash
        run: |
          FILE="${{ matrix.function }}/function_config.yaml"
          if [ ! -f $FILE ]; then
              echo "Config: $FILE not supplied!"
          else
              ALLKEYS=$(yq -o=tsv "keys" $FILE)
              for CONFIGURATION in $ALLKEYS
              do
                  VALUE=$(yq -o=json -I=0 ".$CONFIGURATION" $FILE | sed -e 's/^"//' -e 's/"$//')
                  echo "${CONFIGURATION}=${VALUE}" >> $GITHUB_OUTPUT
              done
          fi
        id: extract_params

      - name: Deploy and schedule ${{ matrix.function }}
        if: ${{ contains(needs.generate-matrix.outputs.deploy_folders, matrix.function) }}
        uses: cognitedata/function-action-oidc@v1
        with:
          # Parameters you may likely hardcode here directly:
          deployment_client_id: 5f18d04a-2d2a-41a2-aa15-bd62a149cd14
          deployment_tenant_id: 0d75f6b8-c6b9-4e84-baca-503e08aa7e4a
          cdf_project: az-forge-sandbox
          cdf_cluster: bluefield  # or api, westeurope-1, etc.
          data_set_id: "7289494538225428"
          runtime: py39
          # Parameters we can read/extract automatically:
          function_folder: ${{ matrix.function }}
          function_external_id: ${{ matrix.function }}-${{ steps.extract_name.outputs.name }}
          schedule_file: schedules/${{ steps.extract_name.outputs.name }}.yaml
          # Parameters we get from Github secret storage:
          deployment_client_secret: ${{ secrets[steps.extract_secrets.outputs.deployment_secret] }}
          schedules_client_secret: ${{ secrets[steps.extract_secrets.outputs.schedules_secret] }}
          function_secrets: ${{ secrets[steps.extract_secrets.outputs.extra_secret] }}
          # Individual parameters per function we read from 'function_config.yaml':
          common_folder: ${{ steps.extract_params.outputs.common_folder }}
          function_deploy_timeout: ${{ steps.extract_params.outputs.function_deploy_timeout }}
          post_deploy_cleanup: ${{ steps.extract_params.outputs.post_deploy_cleanup }}
          schedules_client_id: ${{ steps.extract_params.outputs.schedules_client_id }}
          schedules_tenant_id: ${{ steps.extract_params.outputs.schedules_tenant_id }}
          description: ${{ steps.extract_params.outputs.description }}
          owner: ${{ steps.extract_params.outputs.owner }}
          env_vars: ${{ steps.extract_params.outputs.env_vars }}
          metadata: ${{ steps.extract_params.outputs.metadata }}