name: CI/CD Pipeline
on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  lint-test:
    runs-on: self-hosted
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install deps
        run: npm ci

      - name: Lint
        run: npm run lint

      - name: Test
        run: npm test

  build-push:
    needs: lint-test
    runs-on: self-hosted
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Build image
        run: |
          docker build -t localhost:5000/admin/hello-world:${{ github.sha }} .
          docker tag localhost:5000/admin/hello-world:${{ github.sha }} localhost:5000/admin/hello-world:latest

      - name: Push to registry
        run: |
          docker push localhost:5000/admin/hello-world:${{ github.sha }}
          docker push localhost:5000/admin/hello-world:latest

  deploy:
    needs: build-push
    runs-on: self-hosted
    if: github.ref == 'refs/heads/main'
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Deploy to VPS
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_KEY }}" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          ssh -i ~/.ssh/deploy_key -o StrictHostKeyChecking=accept-new root@100.89.217.78 << 'EOF'
            mkdir -p /opt/stacks/hello-world
            cd /opt/stacks/hello-world
            docker compose -f docker-compose.prod.yml pull
            docker compose -f docker-compose.prod.yml up -d
            sleep 5
            curl -f http://localhost:3000/health || docker compose -f docker-compose.prod.yml up -d --force-recreate
          EOF
        env:
          TAG: ${{ github.sha }}