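---
# GitLab CI pipeline for LittleShop.
#
# Jobs:
#   build         - builds the Docker image on pushes to main and on tags.
#   deploy:vps    - manual, tag pipelines only: builds the image, streams it
#                   to the VPS over SSH, retags/pushes it there and restarts
#                   the docker-compose stack, then polls a health endpoint.
#   rollback:vps  - manual, tag pipelines only: points :latest back at
#                   :previous on the VPS and restarts the stack.
#
# CI/CD variables read by the jobs:
#   VPS_SSH_KEY_B64      - base64-encoded SSH private key for the deploy user.
#   VPS_HOST / VPS_PORT  - SSH endpoint of the VPS.
#   VPS_USER             - SSH login on the VPS.
#   VPS_SSH_KNOWN_HOSTS  - OPTIONAL, introduced by this revision (not defined
#                          by the pipeline before): known_hosts line(s) for
#                          the VPS, captured once and verified out of band.
#                          When unset the jobs fall back to ssh-keyscan as
#                          they did originally.

stages:
  - build
  - deploy

variables:
  DOCKER_DRIVER: overlay2
  DOCKER_TLS_CERTDIR: "/certs"

build:
  stage: build
  image: docker:24-dind
  services:
    - docker:24-dind
  script:
    - echo "Building LittleShop Docker image"
    - docker build -t localhost:5000/littleshop:latest .
    - |
      if [ -n "$CI_COMMIT_TAG" ]; then
        echo "Tagging as version $CI_COMMIT_TAG"
        docker tag localhost:5000/littleshop:latest "localhost:5000/littleshop:$CI_COMMIT_TAG"
      fi
    - echo "Build complete"
  rules:
    - if: '$CI_COMMIT_BRANCH == "main"'
    - if: '$CI_COMMIT_TAG'
  tags:
    - docker

deploy:vps:
  stage: deploy
  image: docker:24-dind
  services:
    - docker:24-dind
  before_script:
    - apk add --no-cache openssh-client bash curl
    # Create the key file under a restrictive umask so it is never readable
    # by other users, even briefly before the chmod.
    - '(umask 077 && echo "$VPS_SSH_KEY_B64" | base64 -d > /tmp/deploy_key)'
    - chmod 600 /tmp/deploy_key
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    # Host key verification: ssh-keyscan on every run accepts whatever key
    # the network returns, so it does not authenticate the VPS. Prefer the
    # pinned entry; the scan is kept only as a backward-compatible fallback.
    - |
      if [ -n "$VPS_SSH_KNOWN_HOSTS" ]; then
        printf '%s\n' "$VPS_SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
      else
        echo "WARNING: VPS_SSH_KNOWN_HOSTS is not set; trusting the host key returned by ssh-keyscan for this run"
        ssh-keyscan -p "$VPS_PORT" "$VPS_HOST" >> ~/.ssh/known_hosts
      fi
  script:
    # The tag is expanded on the runner into the script text that the remote
    # bash executes (unquoted heredoc below), so restrict it to characters
    # that are valid in a Docker tag before it is used anywhere.
    - |
      case "$CI_COMMIT_TAG" in
        ""|*[!A-Za-z0-9._-]*)
          echo "Refusing to deploy: tag '$CI_COMMIT_TAG' is empty or contains characters outside [A-Za-z0-9._-]"
          exit 1
          ;;
      esac
    - echo "Deploying version $CI_COMMIT_TAG to VPS"
    - echo "Building image from source..."
    - docker build -t "littleshop:$CI_COMMIT_TAG" .
    - echo "Copying image to VPS via SSH..."
    - docker save "littleshop:$CI_COMMIT_TAG" | ssh -i /tmp/deploy_key -p "$VPS_PORT" "$VPS_USER@$VPS_HOST" "docker load"
    - echo "Deploying on VPS..."
    # The heredoc delimiter is intentionally unquoted: $CI_COMMIT_TAG is
    # substituted on the runner, while \$i is escaped so the remote shell
    # expands it.
    # NOTE(review): localhost:5000 is used below both as the Docker registry
    # address and as the application's health-check endpoint; confirm that
    # both are really meant to be served on the same port.
    - |
      ssh -i /tmp/deploy_key -p "$VPS_PORT" "$VPS_USER@$VPS_HOST" bash -s << EOF
        set -e

        # Keep the image that is currently tagged latest as the rollback
        # target. Nothing else visible in this pipeline creates the previous
        # tag that rollback:vps relies on. Skipped on the first deployment.
        if docker image inspect localhost:5000/littleshop:latest > /dev/null 2>&1; then
          docker tag localhost:5000/littleshop:latest localhost:5000/littleshop:previous
        fi

        # Tag the image
        docker tag littleshop:$CI_COMMIT_TAG localhost:5000/littleshop:$CI_COMMIT_TAG
        docker tag littleshop:$CI_COMMIT_TAG localhost:5000/littleshop:latest

        # Push to local registry
        echo "Pushing to local Docker registry..."
        docker push localhost:5000/littleshop:$CI_COMMIT_TAG
        docker push localhost:5000/littleshop:latest

        # Navigate to deployment directory
        cd /opt/littleshop

        # Stop services
        echo "Stopping services..."
        docker-compose down

        # Start services with new image
        echo "Starting services with new image..."
        docker-compose up -d

        # Wait for startup
        echo "Waiting for services to start..."
        sleep 30

        # Health check: up to six attempts, ten seconds apart
        echo "Running health checks..."
        for i in 1 2 3 4 5 6; do
          if curl -f -s http://localhost:5000/api/catalog/products > /dev/null 2>&1; then
            echo "✅ Deployment successful - health check passed"
            exit 0
          fi
          echo "Health check attempt \$i/6 failed, waiting..."
          sleep 10
        done

        echo "❌ Health check failed after deployment"
        docker logs littleshop-admin --tail 50
        exit 1
      EOF
  after_script:
    # Best-effort removal of the decoded private key. Whether files written
    # outside the working tree are still visible here depends on the runner
    # executor, so this is harmless when the file is already gone.
    - rm -f /tmp/deploy_key
  environment:
    name: production
    url: http://hq.lan
  rules:
    - if: '$CI_COMMIT_TAG'
      when: manual
  tags:
    - docker

rollback:vps:
  stage: deploy
  # NOTE(review): alpine:latest is a mutable tag, so the job's tooling can
  # change between runs; consider pinning a specific release or digest.
  image: alpine:latest
  before_script:
    - apk add --no-cache openssh-client bash
    # Create the key file under a restrictive umask so it is never readable
    # by other users, even briefly before the chmod.
    - '(umask 077 && echo "$VPS_SSH_KEY_B64" | base64 -d > /tmp/deploy_key)'
    - chmod 600 /tmp/deploy_key
    - mkdir -p ~/.ssh
    - chmod 700 ~/.ssh
    # Host key verification: prefer the pinned known_hosts entry; the
    # ssh-keyscan fallback does not authenticate the VPS.
    - |
      if [ -n "$VPS_SSH_KNOWN_HOSTS" ]; then
        printf '%s\n' "$VPS_SSH_KNOWN_HOSTS" >> ~/.ssh/known_hosts
      else
        echo "WARNING: VPS_SSH_KNOWN_HOSTS is not set; trusting the host key returned by ssh-keyscan for this run"
        ssh-keyscan -p "$VPS_PORT" "$VPS_HOST" >> ~/.ssh/known_hosts
      fi
  script:
    - echo "Rolling back to previous version"
    # The remote script contains no runner-side substitutions, so the heredoc
    # delimiter is quoted to keep its body literal.
    - |
      ssh -i /tmp/deploy_key -p "$VPS_PORT" "$VPS_USER@$VPS_HOST" bash -s << 'EOF'
        set -e
        cd /opt/littleshop

        # Point latest back at the previous image
        docker tag localhost:5000/littleshop:previous localhost:5000/littleshop:latest

        # Restart services
        echo "Restarting with previous version..."
        docker-compose down
        docker-compose up -d

        # Health check (single attempt after a fixed wait)
        sleep 30
        if curl -f -s http://localhost:5000/api/catalog/products > /dev/null 2>&1; then
          echo "✅ Rollback complete"
          exit 0
        else
          echo "❌ Rollback health check failed"
          docker logs littleshop-admin --tail 50
          exit 1
        fi
      EOF
  after_script:
    # Best-effort removal of the decoded private key (see deploy:vps).
    - rm -f /tmp/deploy_key
  environment:
    name: production
  rules:
    - if: '$CI_COMMIT_TAG'
      when: manual
  tags:
    - docker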