name: ci-cd-vm
on:
  push:
    branches: [main]

# Everything lives on the same Ubuntu VM (Gitea, the registry, the build, and the
# runtime share one Docker daemon), so a single job on the `ubuntu` runner does
# test -> build -> push -> deploy. No cross-machine pull is needed; deploy reuses
# the images just built in the local Docker.
jobs:
  ci-cd:
    runs-on: ubuntu
    defaults:
      run:
        shell: bash
    env:
      REGISTRY: git.golife.love/chrischen
      DEPLOY_DIR: /opt/rolac
    steps:
      - uses: actions/checkout@v4

      - name: Test API
        run: dotnet test API/ROLAC.API.Tests/ROLAC.API.Tests.csproj -c Release

      - name: Registry login
        run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login git.golife.love -u "${{ secrets.REGISTRY_USER }}" --password-stdin

      - name: Build images
        run: |
          docker build -t "$REGISTRY/rolac-api:latest" -t "$REGISTRY/rolac-api:${{ github.sha }}" ./API
          docker build -t "$REGISTRY/rolac-app:latest" -t "$REGISTRY/rolac-app:${{ github.sha }}" ./APP

      - name: Push images
        run: |
          docker push --all-tags "$REGISTRY/rolac-api"
          docker push --all-tags "$REGISTRY/rolac-app"

      - name: Sync compose + nginx to deploy dir
        run: |
          mkdir -p "$DEPLOY_DIR/nginx/conf.d" "$DEPLOY_DIR/data/api-storage"
          cp deploy/vm/docker-compose.yml      "$DEPLOY_DIR/docker-compose.yml"
          cp deploy/vm/nginx/conf.d/rolac.conf "$DEPLOY_DIR/nginx/conf.d/rolac.conf"

      - name: Deploy
        run: |
          cd "$DEPLOY_DIR"
          export TAG=${{ github.sha }}
          docker compose up -d
          sleep 5
          curl -fsS http://localhost:8080/api/health