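# CI/CD pipeline: build the image, push it to Aliyun ACR, deploy it over SSH,
# then report the result.
#
# NOTE(review): every `uses:` below references a mutable tag on a third-party
# mirror (gitee.com/zsqai/...). The login and SSH steps are handed registry and
# host credentials, so consider pinning each action to a reviewed full commit
# SHA instead of a tag.
name: main

on:
  push:
    branches: ["main"]
  workflow_dispatch:

jobs:
  build-and-push:
    name: Build and push to Aliyun ACR
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: https://gitee.com/zsqai/checkout@v4

      # Prepare the environment file: copy .env.production to .env.
      # NOTE(review): the deploy script below states that the environment
      # variables are packaged inside the image. If .env.production holds
      # secrets, they are readable by anyone who can pull the image or read
      # the repository; prefer injecting them at `docker run` time.
      - name: Prepare .env file for production
        run: cp .env.production .env

      - name: Set up Docker Buildx
        uses: https://gitee.com/zsqai/setup-buildx-action@v3

      - name: Login to Aliyun Container Registry
        uses: https://gitee.com/zsqai/login-action@v3
        with:
          registry: ${{ vars.ALIYUN_REGISTRY }}
          username: ${{ vars.ALIYUN_USERNAME }}
          password: ${{ secrets.ALIYUN_PASSWORD }}

      # Push both a moving `latest` tag and an immutable per-commit tag.
      - name: Build and push Docker image
        uses: https://gitee.com/zsqai/build-push-action@v5
        with:
          context: .
          push: true
          tags: |
            ${{ vars.ALIYUN_REGISTRY }}/${{ vars.ALIYUN_NAMESPACE }}/${{ vars.ALIYUN_REPO }}:latest
            ${{ vars.ALIYUN_REGISTRY }}/${{ vars.ALIYUN_NAMESPACE }}/${{ vars.ALIYUN_REPO }}:${{ github.sha }}

  deploy:
    name: Deploy to server
    runs-on: ubuntu-latest
    needs: build-and-push
    environment:
      name: production
      url: http://${{ vars.HOST }}
    steps:
      # NOTE(review): this logs in as root with a password and does not pin
      # the server's host key. Prefer a dedicated unprivileged deploy user
      # with key-based authentication and a pinned host fingerprint (upstream
      # appleboy/ssh-action offers `key` and `fingerprint` inputs; confirm
      # this mirror matches upstream).
      - name: Deploy via SSH
        uses: https://gitee.com/zsqai/ssh-action@v1.0.3
        env:
          # Handed to the remote shell through `envs` so the registry password
          # is never pasted into the script text or onto a command line.
          ALIYUN_PASSWORD: ${{ secrets.ALIYUN_PASSWORD }}
        with:
          host: ${{ vars.HOST }}
          username: root
          password: ${{ secrets.MAIN_HOST_PASSWORD }}
          port: 22
          # Assumes the mirror behaves like upstream appleboy/ssh-action,
          # whose `envs` input forwards the named step variables.
          envs: ALIYUN_PASSWORD
          script_stop: true
          script: |
            set -e

            echo "=== 开始部署 $(date) ==="

            IMAGE="${{ vars.ALIYUN_REGISTRY }}/${{ vars.ALIYUN_NAMESPACE }}/${{ vars.ALIYUN_REPO }}:latest"

            # Log in to the Aliyun registry. The password is read from stdin:
            # a --password argument is visible in the host's process list.
            printf '%s' "$ALIYUN_PASSWORD" | docker login \
              --username "${{ vars.ALIYUN_USERNAME }}" \
              --password-stdin \
              "${{ vars.ALIYUN_REGISTRY }}"

            # Pull the newest image.
            docker pull "$IMAGE"

            # Stop and remove the previous container; ignore "not found".
            docker stop web-01-api 2>/dev/null || true
            docker rm web-01-api 2>/dev/null || true

            # Start the new container (no -e flags: the environment variables
            # are packaged inside the image).
            docker run -d \
              --name web-01-api \
              --restart always \
              "$IMAGE"

            # Remove dangling images left behind by the update.
            docker image prune -f

            # Check that the container is still running after a short delay.
            sleep 5
            if docker ps --format '{{.Names}}' | grep -q "^web-01-api$"; then
              echo "✓ 容器启动成功"
              docker logs --tail 20 web-01-api
            else
              echo "✗ 容器启动失败"
              docker logs web-01-api
              exit 1
            fi

  notify:
    name: Send notification
    runs-on: ubuntu-latest
    needs: [build-and-push, deploy]
    # Run even when an earlier job failed so the failure is reported.
    if: always()
    steps:
      - name: Deployment result
        env:
          # Context values reach the shell as environment variables rather
          # than being substituted into the script text, so a crafted ref
          # name cannot be interpreted as shell code.
          DEPLOY_RESULT: ${{ needs.deploy.result }}
          REF_NAME: ${{ github.ref_name }}
          COMMIT_SHA: ${{ github.sha }}
        run: |
          # `=` is the portable string comparison for `[`.
          if [ "$DEPLOY_RESULT" = "success" ]; then
            echo "✓ 部署成功"
            echo "分支: $REF_NAME"
            echo "提交: $COMMIT_SHA"
            echo "时间: $(date)"
          else
            echo "✗ 部署失败,请检查 CI 最终日志"
            exit 1
          fi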