name: Build Worker Base and Application Images

on:
  push:
    branches:
      - main
      - dev
  workflow_dispatch:

jobs:
  check-base-changes:
    runs-on: ubuntu-latest
    outputs:
      base-changed: ${{ steps.changes.outputs.base-changed }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          fetch-depth: 2
      - name: Check for base changes
        id: changes
        run: |
          if git diff HEAD^ HEAD --name-only | grep -E "(Dockerfile\.base|requirements\.base\.txt)" > /dev/null; then
            echo "base-changed=true" >> $GITHUB_OUTPUT
          else
            echo "base-changed=false" >> $GITHUB_OUTPUT
          fi

  build-base:
    needs: check-base-changes
    if: needs.check-base-changes.outputs.base-changed == 'true' || github.event_name == 'workflow_dispatch'
    runs-on: ubuntu-latest
    permissions:
      packages: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: git.siwatsystem.com
          username: ${{ github.actor }}
          password: ${{ secrets.RUNNER_TOKEN }}
        
      - name: Build and push base Docker image
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile.base
          push: true
          tags: git.siwatsystem.com/adsist-cms/worker-base:latest

  build-docker:
    needs: [check-base-changes, build-base]
    if: always() && (needs.build-base.result == 'success' || needs.build-base.result == 'skipped')
    runs-on: ubuntu-latest
    permissions:
      packages: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v2

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: git.siwatsystem.com
          username: ${{ github.actor }}
          password: ${{ secrets.RUNNER_TOKEN }}
        
      - name: Build and push Docker image
        uses: docker/build-push-action@v4
        with:
          context: .
          file: ./Dockerfile
          push: true
          tags: git.siwatsystem.com/adsist-cms/worker:${{ github.ref_name == 'main' && 'latest' || 'dev' }}

  deploy-stack:
    needs: build-docker
    runs-on: adsist
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Set up SSH connection
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.DEPLOY_KEY_CMS }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -H ${{ vars.DEPLOY_HOST_CMS }} >> ~/.ssh/known_hosts
      - name: Deploy stack
        run: |
          echo "Pulling and starting containers on server..."
          if [ "${{ github.ref_name }}" = "main" ]; then
            echo "Deploying production stack..."
            ssh -i ~/.ssh/id_rsa ${{ vars.DEPLOY_USER_CMS }}@${{ vars.DEPLOY_HOST_CMS }} "cd ~/cms-system-k8s && docker compose -f docker-compose.production.yml pull && docker compose -f docker-compose.production.yml up -d"
          else
            echo "Deploying staging stack..."
            ssh -i ~/.ssh/id_rsa ${{ vars.DEPLOY_USER_CMS }}@${{ vars.DEPLOY_HOST_CMS }} "cd ~/cms-system-k8s && docker compose -f docker-compose.staging.yml pull && docker compose -f docker-compose.staging.yml up -d"
          fi