From 543a070e0f3108cf4f02b7ae3afcf0a90cce3c5f Mon Sep 17 00:00:00 2001
From: Berry den Hartog <38954346+berrydenhartog@users.noreply.github.com>
Date: Wed, 12 Jun 2024 00:28:26 +0200
Subject: [PATCH 1/2] Add deployment

---
 .github/workflows/deploy.yml | 78 ++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 .github/workflows/deploy.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 00000000..031924cd
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,78 @@
+name: deploy
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+    inputs:
+      image_tag:
+        description: 'Docker image tag to deploy'
+        required: true
+        default: 'main'
+      environment:
+        description: 'Environment to deploy to'
+        required: true
+        default: 'stag'
+        options:
+          - stag
+          - prod
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get GHCR package hash
+        id: get_package_hash
+        run: |
+          if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+             gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /orgs/MinBZK/packages/container/tad/versions | jq '.[] | select(.metadata.container.tags | contains(["${{ inputs.image_tag }}"])) | .name' >> "$GITHUB_OUTPUT"
+          else
+             gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" /orgs/MinBZK/packages/container/tad/versions | jq '.[] | select(.metadata.container.tags | contains(["main"])) | .name' >> "$GITHUB_OUTPUT"
+          fi
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get deploy environment
+        id: get_deploy_env
+        run: |
+          if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
+              if [ "${{ inputs.environment }}" == "prod" ]; then
+                  echo "production" >> "$GITHUB_OUTPUT"
+              else
+                  echo "staging" >> "$GITHUB_OUTPUT"
+              fi
+             echo "" >> "$GITHUB_OUTPUT"
+          else
+             echo "staging" >> "$GITHUB_OUTPUT"
+          fi
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: check correct name
+        run: |
+            if [ -z "${{steps.get_package_hash.outputs}}" ]; then
+              echo "Variable is empty. Failing the workflow."
+              exit 1
+            fi
+
+
+      - name: Print deploy hash and environment
+        run: |
+           echo ${{ steps.get_package_hash.outputs }}
+           echo ${{ steps.get_deploy_env.outputs }}
+
+      - uses: actions/checkout@v4
+        with:
+          repository: '${{ github.server_url }}/minbzk/ai-validation-infra'
+          ssh-key: ${{ secrets.DEPLOY_KEY }}
+          ref: main
+          path: ai-validation-infra
+
+      - name: Make changes to the file
+        run: |
+          cd ai-validation-infra
+          sed -i 's/newTag: .*$/newTag: ${{ steps.get_package_hash.outputs }}/g' apps/tad/overlays/${{ steps.get_deploy_env.outputs }}/kustomization.yaml
+          git add apps/tad/overlays/${{ steps.get_deploy_env.outputs }}/kustomization.yaml
+          git commit -m "Update apps/tad/overlays/${{ steps.get_deploy_env.outputs }}/kustomization.yaml"
+          git push

From 39995a6864db539f36dbd19c5e03755e1c72e672 Mon Sep 17 00:00:00 2001
From: Berry den Hartog <38954346+berrydenhartog@users.noreply.github.com>
Date: Wed, 12 Jun 2024 08:59:37 +0200
Subject: [PATCH 2/2] Add concurrency check

---
 .github/workflows/ci.yml                | 4 ++++
 .github/workflows/deploy.yml            | 6 +++++-
 .github/workflows/first-interaction.yml | 3 +++
 .github/workflows/stale-pr-schedule.yml | 4 ++++
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 5cdd05e8..3c0faeb7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,6 +10,10 @@ on:
     branches:
       - 'main'
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 env:
   REGISTRY: ghcr.io
   POETRY_CACHE_DIR: ~/.cache/pypoetry
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 031924cd..392b3f32 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -1,5 +1,6 @@
 name: deploy
 
+
 on:
   push:
     branches:
@@ -18,6 +19,10 @@ on:
           - stag
           - prod
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   deploy:
     runs-on: ubuntu-latest
@@ -56,7 +61,6 @@ jobs:
               exit 1
             fi
 
-
       - name: Print deploy hash and environment
         run: |
            echo ${{ steps.get_package_hash.outputs }}
diff --git a/.github/workflows/first-interaction.yml b/.github/workflows/first-interaction.yml
index edad6119..9a34f7ed 100644
--- a/.github/workflows/first-interaction.yml
+++ b/.github/workflows/first-interaction.yml
@@ -2,6 +2,9 @@ name: first-interaction
 
 on: [pull_request, issues]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+
 jobs:
   greeting:
     runs-on: ubuntu-latest
diff --git a/.github/workflows/stale-pr-schedule.yml b/.github/workflows/stale-pr-schedule.yml
index a695d5bb..dfaabad3 100644
--- a/.github/workflows/stale-pr-schedule.yml
+++ b/.github/workflows/stale-pr-schedule.yml
@@ -4,6 +4,10 @@ on:
     - cron: "0 4 * * *"
   workflow_dispatch:
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
 jobs:
   stale:
     runs-on: ubuntu-latest