name: CI/CD Pipeline
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  lint-test:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: 22

      - name: Install deps
        run: npm ci

      - name: Lint
        run: npm run lint

      - name: Test
        run: npm test

  build-push:
    needs: lint-test
    runs-on: ubuntu-latest
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: registry.home:5000/admin/hello-world:${{ github.sha }},registry.home:5000/admin/hello-world:latest

  deploy:
    needs: build-push
    runs-on: self-hosted
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Deploy to VPS
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new root@100.89.217.78 << 'EOF'
            mkdir -p /opt/stacks/hello-world
            cd /opt/stacks/hello-world
            docker compose -f docker-compose.prod.yml pull
            docker compose -f docker-compose.prod.yml up -d
            sleep 5
            curl -f http://localhost:3000/health || docker compose -f docker-compose.prod.yml up -d --force-recreate
          EOF
        env:
          TAG: ${{ github.sha }}