name: Build, Push and Deploy

on:
  push:
    branches:
      - main

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout Code
        uses: actions/checkout@v4

      - name: Login to Container Registry
        uses: docker/login-action@v3
        with:
          registry: ${{ vars.REGISTRY_URL }}
          username: ${{ secrets.CI_GITEA_USER }}
          password: ${{ secrets.CI_GITEA_TOKEN }}

      - name: Extract metadata for Docker
        id: meta
        run: |
          echo "image_tag=${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:${{ github.sha }}" >> $GITHUB_OUTPUT
          echo "image_latest=${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:latest" >> $GITHUB_OUTPUT

      - name: Build and Push Docker Image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./docker/Dockerfile
          push: true
          tags: |
            ${{ steps.meta.outputs.image_tag }}
            ${{ steps.meta.outputs.image_latest }}

      - name: Deploy to Remote Server
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.SSH_HOST }}
          username: ${{ secrets.SSH_USERNAME }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          port: ${{ secrets.SSH_PORT }}
          script: |
            # Login to Container Registry
            echo "${{ secrets.CI_GITEA_TOKEN }}" | docker login ${{ vars.REGISTRY_URL }} -u ${{ secrets.CI_GITEA_USER }} --password-stdin
            
            # Pull new image
            docker pull ${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:${{ github.sha }}
            
            # Stop and remove old container
            docker stop skamp-app || true
            docker rm skamp-app || true
            
            # Start new container with environment variables
            docker run -d \
              --name skamp-app \
              --restart unless-stopped \
              -p ${{ secrets.APP_PORT }}:8080 \
              -e SPRING_PROFILES_ACTIVE=${{ secrets.SPRING_PROFILES_ACTIVE }} \
              -e SPRING_DATASOURCE_URL=jdbc:postgresql://${{ secrets.POSTGRES_HOST }}:${{ secrets.POSTGRES_PORT }}/${{ secrets.POSTGRES_DB }} \
              -e SPRING_DATASOURCE_USERNAME=${{ secrets.POSTGRES_USER }} \
              -e SPRING_DATASOURCE_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} \
              -e SPRING_JPA_HIBERNATE_DDL_AUTO=${{ secrets.HIBERNATE_DDL_AUTO }} \
              -e SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI=${{ secrets.KEYCLOAK_ISSUER_URI }} \
              -e CORS_ALLOWED_ORIGINS=${{ secrets.CORS_ALLOWED_ORIGINS }} \
              -e S3_ACCESS_KEY=${{ secrets.MINIO_ACCESS_KEY }} \
              -e S3_SECRET_KEY=${{ secrets.MINIO_SECRET_KEY }} \
              -e S3_ENDPOINT=${{ secrets.MINIO_ENDPOINT }} \
              -e SERVER_PORT=8080 \
              -e JAVA_OPTS="${{ secrets.JAVA_OPTS }}" \
              ${{ vars.REGISTRY_URL }}/${{ vars.NAMESPACE }}/${{ vars.REPO_NAME }}:${{ github.sha }}
            
            # Clean up old images
            docker image prune -af --filter "until=168h"
            
            # Show running container
            docker ps --filter name=skamp-app