on:
  workflow_call:
    inputs:
      deployment-file:
        type: string
        default: k8s/deployment.yaml
    secrets:
      PALTIVERSE_K8S:
        required: true
      TAILSCALE_TOKEN:
        required: true

jobs:
  deploy:
    runs-on: ubuntu-latest
    container: alpine:3
    steps:
      - run: apk add tailscale kubectl bash curl envsubst nodejs npm git
        name: Install dependencies

      - uses: actions/checkout@v3

      - name: Create kube directory
        run: mkdir /opt/kube
      - name: Bootstrap kubeconfig
        run: echo "$PALTIVERSE_K8S" | base64 -d > /opt/kube/config
        env:
          PALTIVERSE_K8S: ${{ secrets.PALTIVERSE_K8S }}
      - name: Add tailscale proxy to kubeconfig
        run: kubectl config set clusters.default.proxy-url http://localhost:1055
        env:
          KUBECONFIG: /opt/kube/config

      - name: Configure tailscale
        run: tailscaled --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 & tailscale up --authkey="${{ secrets.TAILSCALE_TOKEN }}" --advertise-tags=tag:gitea-runners

      - name: Run kubectl
        run: envsubst < ${{ inputs.deployment-file }} | kubectl apply -f -
        env:
          KUBECONFIG: /opt/kube/config
          CI_COMMIT_SHA: ${{ github.sha }}