name: Teste Runner Bare-Metal

on:
  push:
    branches: [ main ]
  workflow_dispatch:

jobs:
  hello:
    #precisa da imagem costum do opentofu
    runs-on: [ fenix-opentofu ]
    env:
      CONSUL_HTTP_TOKEN: ${{ secrets.CONSUL_HTTP_TOKEN }}
      PM_API_TOKEN_ID: ${{ secrets.PM_API_TOKEN_ID }}
      PM_API_TOKEN_SECRET: ${{ secrets.PM_API_TOKEN_SECRET }}
      BW_CLIENTID: ${{ secrets.BW_CLIENTID }}
      BW_CLIENTSECRET: ${{ secrets.BW_CLIENTSECRET }}
      
    steps:
      - name: Updating apt-get
        run: |
          apt-get update -y

      - name: Cloning iac repository
        uses: actions/checkout@v4
        with:
          path: infra/iac

      - name: cloning iac secrets repository
        uses: actions/checkout@v4
        with:
          repository: fenix-gitea-admin/iac-teste-secrets
          token: ${{ secrets.GGITEA_TOKEN }}
          path: infra/secrets

      - name: Init OpenTofu
        working-directory: infra/iac
        run: tofu init

      - name: Plan
        working-directory: infra/iac
        run: |
          # Find all .auto.tfvars in the secrets folder
          VAR_FILES=""
          for f in ../secrets/secrets/*.auto.tfvars; do
            VAR_FILES="$VAR_FILES -var-file=$f"
          done
          tofu plan $VAR_FILES -out=tfplan

      - name: Export tfplan
        working-directory: infra/iac
        uses: actions/upload-artifact@v4
        with:
          name: tofu-plan
          path: tfplan


      - name: Apply
        working-directory: infra/iac
        run: |
          tofu apply -auto-approve tfplan