# Gitea Actions - Monaco USA Portal Build & Deploy
# This workflow builds and optionally deploys the portal
#
# Triggers:
#   - Push to main branch
#   - Pull requests to main
#   - Manual trigger (workflow_dispatch)
#
# Required Secrets (configure in Gitea repo settings):
#   - DEPLOY_HOST: Production server hostname/IP
#   - DEPLOY_USER: SSH username
#   - DEPLOY_KEY: SSH private key for deployment
#   - DEPLOY_PATH: Path to project on server (e.g., /opt/monacousa-portal)

name: Build and Deploy

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  workflow_dispatch:
    inputs:
      deploy:
        description: 'Deploy to production'
        required: false
        default: 'false'

jobs:
  # =============================================
  # Build Job - Builds Docker image
  # =============================================
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Build Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: ./Dockerfile
          push: false
          load: true
          tags: monacousa-portal:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max
          build-args: |
            PUBLIC_SUPABASE_URL=https://api.portal.monacousa.org
            PUBLIC_SUPABASE_ANON_KEY=placeholder
            SUPABASE_SERVICE_ROLE_KEY=placeholder

      - name: Test Docker image starts
        run: |
          docker run -d --name test-portal \
            -e PUBLIC_SUPABASE_URL=https://api.portal.monacousa.org \
            -e PUBLIC_SUPABASE_ANON_KEY=placeholder \
            monacousa-portal:${{ github.sha }}
          sleep 5
          docker logs test-portal
          docker stop test-portal

  # =============================================
  # Lint Job - Code quality checks
  # =============================================
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: '20'
          cache: 'npm'

      - name: Install dependencies
        run: npm ci --legacy-peer-deps

      - name: Run Svelte check
        run: npm run check || true

      - name: Run ESLint
        run: npm run lint || true

  # =============================================
  # Deploy Job - Deploys to production server
  # =============================================
  deploy:
    runs-on: ubuntu-latest
    needs: [build, lint]
    if: |
      (github.event_name == 'push' && github.ref == 'refs/heads/main') ||
      (github.event_name == 'workflow_dispatch' && github.event.inputs.deploy == 'true')
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Deploy to production
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ secrets.DEPLOY_HOST }}
          username: ${{ secrets.DEPLOY_USER }}
          key: ${{ secrets.DEPLOY_KEY }}
          script: |
            cd ${{ secrets.DEPLOY_PATH }}
            git pull origin main
            ./deploy.sh update
            echo "Deployment completed at $(date)"

      - name: Notify deployment success
        if: success()
        run: |
          echo "Successfully deployed to production!"
          echo "Commit: ${{ github.sha }}"
          echo "Branch: ${{ github.ref_name }}"

      - name: Notify deployment failure
        if: failure()
        run: |
          echo "Deployment failed!"
          echo "Check logs for details."
          exit 1