name: deploy-to-preview-environment

on:
  pull_request:
    branches:
      - staging

env:
  REGISTRY_URL: eu.gcr.io
  PROJECT_ID: airqo-250220

jobs:
  branch-name:
    name: Format branch name string
    runs-on: ubuntu-latest
    outputs:
      lowercase: ${{ steps.string.outputs.lowercase }} # lowercase version
    steps:
      - id: string
        uses: ASzc/change-string-case-action@v5
        with:
          string: ${{ github.head_ref || github.ref_name }}

  check:
    name: check changed microservice(s)
    outputs:
      run_auth_service: ${{ steps.check_files.outputs.run_auth_service }} # auth service
      run_device_registry: ${{ steps.check_files.outputs.run_device_registry }} # device registry
      run_device_monitoring: ${{ steps.check_files.outputs.run_device_monitoring }} # device monitoring
      run_data_mgt: ${{ steps.check_files.outputs.run_data_mgt }} # data mgt
      run_data_proxy: ${{ steps.check_files.outputs.run_data_proxy }} # data proxy
      run_analytics: ${{ steps.check_files.outputs.run_analytics }} # analytics
      run_locate: ${{ steps.check_files.outputs.run_locate }} # locate
      run_predict: ${{ steps.check_files.outputs.run_predict }} # predict
      run_meta_data: ${{ steps.check_files.outputs.run_meta_data }} # metadata
      run_view: ${{ steps.check_files.outputs.run_view }} # view
      run_calibrate: ${{ steps.check_files.outputs.run_calibrate }} # calibrate
      run_incentives: ${{ steps.check_files.outputs.run_incentives }} # incentives
      run_spatial: ${{ steps.check_files.outputs.run_spatial }} # spatial
      run_website: ${{ steps.check_files.outputs.run_website }} # website
    runs-on: ubuntu-latest
    steps:
      - name: checkout code
        uses: actions/checkout@v3.5.3
        with:
          fetch-depth: 2

        #### all microservices ######
      - name: check modified microserivce
        id: check_files
        run: |
          echo "=============== list modified files ==============="
          git diff --name-only HEAD^ HEAD

          echo "========== check paths of modified files =========="
          git diff --name-only HEAD^ HEAD > files.txt

          echo "run_auth_service=false" >>$GITHUB_OUTPUT
          echo "run_device_registry=false" >>$GITHUB_OUTPUT  
          echo "run_device_monitoring=false" >>$GITHUB_OUTPUT 
          echo "run_data_mgt=false" >>$GITHUB_OUTPUT
          echo "run_data_proxy=false" >>$GITHUB_OUTPUT
          echo "run_analytics=false" >>$GITHUB_OUTPUT
          echo "run_locate=false" >>$GITHUB_OUTPUT
          echo "run_predict=false" >>$GITHUB_OUTPUT
          echo "run_meta_data=false" >>$GITHUB_OUTPUT
          echo "run_view=false" >>$GITHUB_OUTPUT
          echo "run_calibrate=false" >>$GITHUB_OUTPUT 
          echo "run_incentives=false" >>$GITHUB_OUTPUT
          echo "run_spatial=false" >>$GITHUB_OUTPUT
          echo "run_website=false" >>$GITHUB_OUTPUT

          while IFS= read -r file
          do
            echo $file
            if [[ $file == src/auth-service/* ]]; then
              echo "run_auth_service=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/device-registry/* ]]; then
              echo "run_device_registry=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/device-monitoring/* ]]; then
              echo "run_device_monitoring=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/data-mgt/* ]]; then
              echo "run_data_mgt=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/data-proxy/* ]]; then
              echo "run_data_proxy=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/analytics/* ]]; then
              echo "run_analytics=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/locate/* ]]; then
              echo "run_locate=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/predict/* ]]; then
              echo "run_predict=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/meta-data/* ]]; then
              echo "run_meta_data=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/view/* ]]; then
              echo "run_view=true" >>$GITHUB_OUTPUT
            fi
            
            if [[ $file == src/calibrate/* ]]; then
              echo "run_calibrate=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/incentives/* ]]; then
              echo "run_incentives=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/spatial/* ]]; then
              echo "run_spatial=true" >>$GITHUB_OUTPUT
            fi

            if [[ $file == src/website/* ]]; then
              echo "run_website=true" >>$GITHUB_OUTPUT
            fi            


          done < files.txt

  ### auth_service ###
  auth-service:
    name: build-push-deploy-auth-service
    needs: [check, branch-name]
    if: needs.check.outputs.run_auth_service == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/auth-service/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/auth-service-pr-previews:${{ github.sha }} \
            --port=3000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-auth-service:latest,/etc/config/firebase_admin_sdk.json=sta-key-auth-service-firebase-admin-sdk:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-auth-service-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  auth-service-pr-comment:
    name: auth-service-preview-link-comment
    if: needs.check.outputs.run_auth_service == 'true'
    needs: [auth-service]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Auth-service changes in this PR available for preview [here](${{ needs.auth-service.outputs.url }})'
            })

  ### device registry ###
  device-registry:
    name: build-push-deploy-device-registry
    needs: [check, branch-name]
    if: needs.check.outputs.run_device_registry == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/device-registry/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-registry-pr-previews:${{ github.sha }} \
            --port=3000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-device-registry:latest,/etc/config/google_application_credentials.json=sta-key-device-registry-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage-mac" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-registry-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  device-registry-pr-comment:
    name: device-registry-preview-link-comment
    if: needs.check.outputs.run_device_registry == 'true'
    needs: [device-registry]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Device registry changes in this PR available for preview [here](${{ needs.device-registry.outputs.url }})'
            })

  ### device monitoring ###
  device-monitoring:
    name: build-push-deploy-device-monitoring
    needs: [check, branch-name]
    if: needs.check.outputs.run_device_monitoring == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/device-monitoring/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/device-monitoring-pr-previews:${{ github.sha }} \
            --port=4001 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-device-monitoring:latest,/etc/config/google_application_credentials.json=sta-key-device-monitoring-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-device-monitoring-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  device-monitoring-pr-comment:
    name: device-monitoring-preview-link-comment
    if: needs.check.outputs.run_device_monitoring == 'true'
    needs: [device-monitoring]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Device monitoring changes in this PR available for preview [here](${{ needs.device-monitoring.outputs.url }})'
            })

  ### run data mgt ###
  data-mgt:
    name: build-push-deploy-data-mgt
    needs: [check, branch-name]
    if: needs.check.outputs.run_data_mgt == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/data-mgt/
          docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-mgt-pr-previews:${{ github.sha }} \
            --port=3000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-data-mgt-nodejs:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-mgt-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  data-mgt-pr-comment:
    name: data-mgt-preview-link-comment
    if: needs.check.outputs.run_data_mgt == 'true'
    needs: [data-mgt]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Data management changes in this PR available for preview [here](${{ needs.data-mgt.outputs.url }})'
            })

  ### run data proxy ###
  data-proxy:
    name: build-push-deploy-data-proxy
    needs: [check, branch-name]
    if: needs.check.outputs.run_data_proxy == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/data-proxy/
          docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/data-proxy-pr-previews:${{ github.sha }} \
            --port=3000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-data-proxy:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /usr/src/app/.env; npm run stage" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-data-proxy-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  data-proxy-pr-comment:
    name: data-proxy-preview-link-comment
    if: needs.check.outputs.run_data_proxy == 'true'
    needs: [data-proxy]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Data Proxy changes in this PR available for preview [here](${{ needs.data-proxy.outputs.url }})'
            })

  ### analytics ###
  analytics:
    name: build-push-deploy-analytics
    needs: [check, branch-name]
    if: needs.check.outputs.run_analytics == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/analytics/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/analytics-pr-previews:${{ github.sha }} \
            --port=5000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-analytics:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-analytics-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  analytics-pr-comment:
    name: analytics-preview-link-comment
    if: needs.check.outputs.run_analytics == 'true'
    needs: [analytics]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Analytics changes in this PR available for preview [here](${{ needs.analytics.outputs.url }})'
            })

  ### locate ###
  locate:
    name: build-push-deploy-locate
    needs: [check, branch-name]
    if: needs.check.outputs.run_locate == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/locate/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-locate-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/locate-pr-previews:${{ github.sha }} \
            --port=4001 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-locate:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-locate-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  locate-pr-comment:
    name: locate-preview-link-comment
    if: needs.check.outputs.run_locate == 'true'
    needs: [locate]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Locate API changes in this PR available for preview [here](${{ needs.locate.outputs.url }})'
            })

  ### predict service ###
  predict-service:
    name: build-push-deploy-predict-service-preview
    needs: [check, branch-name]
    if: needs.check.outputs.run_predict == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/predict/api/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/predict-service-pr-previews:${{ github.sha }} \
            --port=5000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-predict:latest,/etc/config/google_application_credentials.json=sta-key-predict-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-predict-service-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  predict-pr-comment:
    name: predict-service-preview-link-comment
    if: needs.check.outputs.run_predict == 'true'
    needs: [predict-service]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Predict service changes in this PR available for preview [here](${{ needs.predict-service.outputs.url }})'
            })

  ### meta-data ###
  meta-data:
    name: build-push-deploy-meta-data
    needs: [check, branch-name]
    if: needs.check.outputs.run_meta_data == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/meta-data/
          docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} .
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/meta-data-pr-previews:${{ github.sha }} \
            --port=4001 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-metadata:latest,/etc/config/google_application_credentials.json=sta-key-metadata-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app-dir/.env; gunicorn --bind=0.0.0.0:4001 app:app" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-meta-data-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  meta-data-pr-comment:
    name: meta-data-preview-link-comment
    if: needs.check.outputs.run_meta_data == 'true'
    needs: [meta-data]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Meta-data changes in this PR available for preview [here](${{ needs.meta-data.outputs.url }})'
            })

  ### view ###
  view:
    name: build-push-deploy-view-api
    needs: [check, branch-name]
    if: needs.check.outputs.run_view == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/view/
          docker build --target=api --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-view-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/view-pr-previews:${{ github.sha }} \
            --port=8080 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-view-api:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; java -Djava.security.egd=file:/dev/./urandom -Dspring.profiles.active=api -jar /view.jar" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-view-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  view-pr-comment:
    name: view-preview-link-comment
    if: needs.check.outputs.run_view == 'true'
    needs: [view]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'View API changes in this PR available for preview [here](${{ needs.view.outputs.url }})'
            })

  ### calibrate ###
  calibrate:
    name: build-push-deploy-calibrate
    needs: [check, branch-name]
    if: needs.check.outputs.run_calibrate == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/calibrate/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/calibrate-pr-previews:${{ github.sha }} \
            --port=4001 \
            --cpu=2000m \
            --memory=1024Mi \
            --update-secrets=/etc/env/.env=sta-env-calibrate:latest,/etc/config/google_application_credentials.json=sta-key-calibrate-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; gunicorn --bind=0.0.0.0:4001 app:app" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-calibrate-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  calibrate-pr-comment:
    name: calibrate-preview-link-comment
    if: needs.check.outputs.run_calibrate == 'true'
    needs: [calibrate]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Calibrate changes in this PR available for preview [here](${{ needs.calibrate.outputs.url }})'
            })

  ### incentives ###
  incentives:
    name: build-push-deploy-incentives
    needs: [check, branch-name]
    if: needs.check.outputs.run_incentives == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/incentives/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} .
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/incentives-pr-previews:${{ github.sha }} \
            --port=3000 \
            --cpu=1000m \
            --memory=256Mi \
            --update-secrets=/etc/env/.env=sta-env-incentives:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; npm run stage" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-incentives-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  incentives-pr-comment:
    name: incentives-preview-link-comment
    if: needs.check.outputs.run_incentives == 'true'
    needs: [incentives]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Incentives API changes in this PR available for preview [here](${{ needs.incentives.outputs.url }})'
            })

  ### spatial ###
  spatial:
    name: build-push-deploy-spatial
    needs: [check, branch-name]
    if: needs.check.outputs.run_spatial == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/spatial/
          docker build --target=staging --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/spatial-pr-previews:${{ github.sha }} \
            --port=5000 \
            --cpu=1000m \
            --memory=1024Mi \
            --update-secrets=/etc/env/.env=sta-env-spatial:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; flask run --host=0.0.0.0" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-spatial-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  spatial-pr-comment:
    name: spatial-preview-link-comment
    if: needs.check.outputs.run_spatial == 'true'
    needs: [spatial]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'Spatial changes in this PR available for preview [here](${{ needs.spatial.outputs.url }})'
            })

  ### website ###
  website:
    name: build-push-deploy-website
    needs: [check, branch-name]
    if: needs.check.outputs.run_website == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
    outputs:
      url: ${{ steps.preview-url.outputs.url }}
    steps:
      - name: Checkout
        uses: actions/checkout@v3.5.3

      - name: Google Auth
        id: auth
        uses: google-github-actions/auth@v1.1.1
        with:
          credentials_json: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Setup Cloud SDK
        uses: google-github-actions/setup-gcloud@v1.1.1

      - name: Docker Auth
        id: docker-auth
        uses: docker/login-action@v2.2.0
        with:
          registry: ${{ env.REGISTRY_URL }}
          username: _json_key
          password: ${{ secrets.GCP_SA_CREDENTIALS }}

      - name: Build and Push Container
        run: |
          cd src/website/
          docker build --tag ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} ./
          docker push ${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }}

      - name: Deploy to Cloud Run
        run: |-
          gcloud run deploy ${{ needs.branch-name.outputs.lowercase }}-website-preview \
            --region=${{ secrets.REGION }} \
            --max-instances=10 \
            --timeout=60 \
            --concurrency=10 \
            --image=${{ env.REGISTRY_URL }}/${{ env.PROJECT_ID }}/pr-previews/website-pr-previews:${{ github.sha }} \
            --port=8000 \
            --cpu=1000m \
            --memory=1024Mi \
            --update-secrets=/etc/env/.env=sta-env-website-backend:latest,/etc/config/google_application_credentials.json=sta-key-analytics-service-account:latest \
            --command="/bin/sh","-c","cat /etc/env/.env >> /app/.env; /app/entrypoint.sh" \
            --allow-unauthenticated

      - name: Get preview service url
        id: preview-url
        run: |
          read service_url < <(gcloud run services describe ${{ needs.branch-name.outputs.lowercase }}-website-preview \
            --format='value(status.url)' \
            --platform managed \
            --region ${{ secrets.REGION }})
          echo "url=${service_url}" >>$GITHUB_OUTPUT

  website-pr-comment:
    name: website-preview-link-comment
    if: needs.check.outputs.run_website == 'true'
    needs: [website]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/github-script@v6
        with:
          script: |
            github.rest.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: 'website changes in this PR available for preview [here](${{ needs.website.outputs.url }})'
            })