---
name: Deploy

on:
  push:
    branches:
      - production
  workflow_dispatch:

jobs:
  deploy:
    runs-on: ubuntu-latest

    name: Deploy via Ansible

    if: "!contains(github.event.head_commit.message, '[ci skip]')"

    env:
      ANSIBLE_FORCE_COLOR: 1
      ANSIBLE_HOST_KEY_CHECKING: no

    steps:
      - run: ansible --version

      # - name: Checkout the code
      #   uses: actions/checkout@a81bbbf

      # - name: Add the deployment SSH key
      #   uses: shimataro/ssh-key-action@6f350ca
      #   with:
      #     key: ${{ secrets.SSH_PRIVATE_KEY }}
      #     name: id_rsa
      #     known_hosts: ${{ secrets.SSH_KNOWN_HOSTS }}

      # - name: Cache dependencies
      #   uses: actions/cache@d974700
      #   with:
      #     path: tools/ansible/.roles
      #     key: dependencies-composer-${{ hashFiles('tools/ansible/requirements.yml') }}

      # - name: Download Ansible roles
      #   run: ansible-galaxy install -r tools/ansible/requirements.yml

      # - name: Export the Ansible Vault password
      #   run: echo $ANSIBLE_VAULT_PASS > tools/ansible/.vault-pass.txt
      #   env:
      #     ANSIBLE_VAULT_PASS: ${{ secrets.ANSIBLE_VAULT_PASS }}

      # - name: Deploy the code
      #   run: >
      #     ansible-playbook tools/ansible/deploy.yml
      #     -i tools/ansible/hosts.yml
      #     -e "ansistrano_deploy_branch=$GITHUB_SHA"
      #     --vault-password-file=tools/ansible/.vault-pass.txt

      # - name: Remove the Ansible Vault password file
      #   run: rm tools/ansible/.vault-pass.txt