name: Deploy Frontend Main
on:
  push:
    branches: [main]
    paths:
      - "client/**/*"
jobs:
  build:
    runs-on: ubuntu-latest
    environment: Staging
    defaults:
      run:
        working-directory: client
    strategy:
      matrix:
        node-version: [14.x]
    steps:
      - uses: actions/checkout@v2
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v2
        with:
          node-version: ${{ matrix.node-version }}
      - name: Set DESTINATION_FOLDER for main
        run: |
          echo "DESTINATION_FOLDER=main" >> $GITHUB_ENV
      - name: Install
        run: npm ci
      - name: Build
        run: npm run build --if-present
        env:
          # See the client readme for more info on environment variables:
          # https://github.com/usds/justice40-tool/blob/main/client/README.md
          DATA_SOURCE: cdn
          # TODO: Update main URL when either is back up
          SITE_URL: "${{ secrets.SITE_URL }}"
          MAPBOX_STYLES_READ_TOKEN: "${{ secrets.MAPBOX_STYLES_READ_TOKEN }}"
      - name: Get directory contents
        run: ls -la public
      - name: Lint
        run: npm run lint
        # Disabling for now due to jsonlint - TODO: put this back
      # - name: License Check
      #   run: npm run licenses
      - name: Test
        run: npm test
      # - name: Check for security vulnerabilities
      #   run: npm audit --production
      - name: Upload Artifact
        uses: actions/upload-artifact@v4
        with:
          name: J40Static
          # Upload-artifact does not support the default working directory
          # See more: https://github.com/actions/upload-artifact/issues/87
          path: ./client/public
  deploy:
    runs-on: ubuntu-latest
    needs: build
    environment: Staging
    steps:
      - name: Checkout source
        uses: actions/checkout@v2
      - name: Download Artifacts
        uses: actions/download-artifact@v4
        with:
          name: J40Static
          path: ./public
      - name: Set DESTINATION_FOLDER for main
        run: |
          echo "DESTINATION_FOLDER=main" >> $GITHUB_ENV
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.CLIENT_DEV_AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.CLIENT_DEV_AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      - name: Deploy to Geoplatform AWS
        run: aws s3 sync ./public/ s3://${{secrets.S3_WEBSITE_BUCKET}}/justice40-tool/${{env.DESTINATION_FOLDER}} --delete
      - name: Invalidate cache on AWS CDNs
        uses: chetan/invalidate-cloudfront-action@master
        env:
          DISTRIBUTION: ${{secrets.WEB_CDN_ID}}
          PATHS: "/*"
          AWS_REGION: "us-east-1"
          AWS_ACCESS_KEY_ID: ${{ secrets.CLIENT_DEV_AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.CLIENT_DEV_AWS_SECRET_ACCESS_KEY }}