when:
  event: push
matrix:
  ENVIRONMENT:
    - badhouseplants
    - etersoft
steps:
  diff:
    image: ghcr.io/helmfile/helmfile:canary
    secrets: [sops_age_key, kubeconfig_content]
    when:
      - branch:
          exclude:
            - main
    commands:
      - mkdir $HOME/.kube
      - echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
      - helmfile -e $ENVIRONMENT diff --suppress-secrets
  sync:
    image: ghcr.io/helmfile/helmfile:canary
    secrets: [sops_age_key, kubeconfig_content]
    when:
      - branch:
          include:
            - main
    commands:
      - mkdir $HOME/.kube
      - echo "$KUBECONFIG_CONTENT" > $HOME/.kube/config && chmod 0600 $HOME/.kube/config
      - helmfile -e $ENVIRONMENT sync