name: Docker Images

on:
  push:
    branches: [main]
    paths:
      - 'src/food-market.api/**'
      - 'src/food-market.web/**'
      - 'src/food-market.application/**'
      - 'src/food-market.domain/**'
      - 'src/food-market.infrastructure/**'
      - 'src/food-market.shared/**'
      - 'deploy/**'
      - '.forgejo/workflows/docker.yml'
  workflow_dispatch:

env:
  LOCAL_REGISTRY: 127.0.0.1:5001

jobs:
  api:
    name: API image
    runs-on: [self-hosted, linux]
    steps:
      - uses: actions/checkout@v4

      - name: Build + push api
        env:
          SHA: ${{ github.sha }}
        run: |
          docker build -f deploy/Dockerfile.api \
            -t $LOCAL_REGISTRY/food-market-api:$SHA \
            -t $LOCAL_REGISTRY/food-market-api:latest .
          for tag in $SHA latest; do
            docker push $LOCAL_REGISTRY/food-market-api:$tag
          done

  web:
    name: Web image
    runs-on: [self-hosted, linux]
    steps:
      - uses: actions/checkout@v4

      - name: Build + push web
        env:
          SHA: ${{ github.sha }}
        run: |
          docker build -f deploy/Dockerfile.web \
            -t $LOCAL_REGISTRY/food-market-web:$SHA \
            -t $LOCAL_REGISTRY/food-market-web:latest .
          for tag in $SHA latest; do
            docker push $LOCAL_REGISTRY/food-market-web:$tag
          done

  deploy-stage:
    name: Deploy stage
    runs-on: [self-hosted, linux]
    needs: [api, web]
    steps:
      - uses: actions/checkout@v4

      - name: Write .env + copy compose (runner = stage host)
        env:
          SHA: ${{ github.sha }}
          PGPASS: ${{ secrets.STAGE_POSTGRES_PASSWORD }}
        run: |
          cat > /home/nns/food-market-stage/deploy/.env <<ENV
          REGISTRY=127.0.0.1:5001
          API_TAG=$SHA
          WEB_TAG=$SHA
          POSTGRES_PASSWORD=$PGPASS
          ENV
          cp deploy/docker-compose.yml /home/nns/food-market-stage/deploy/docker-compose.yml

      - name: docker compose pull + up
        working-directory: /home/nns/food-market-stage/deploy
        run: |
          docker compose pull
          docker compose up -d --remove-orphans

      - name: Smoke /health
        run: |
          for i in 1 2 3 4 5 6; do
            sleep 5
            if curl -fsS http://127.0.0.1:8080/health | grep -q '"status":"ok"'; then
              echo "Health OK"
              exit 0
            fi
          done
          echo "Health failed"
          exit 1

      - name: Notify Telegram on success
        if: success()
        env:
          BOT: ${{ secrets.TELEGRAM_BOT_TOKEN }}
          CHAT: ${{ secrets.TELEGRAM_CHAT_ID }}
          SHA: ${{ github.sha }}
        run: |
          curl -sS -X POST "https://api.telegram.org/bot$BOT/sendMessage" \
            --data-urlencode "chat_id=$CHAT" \
            --data-urlencode "text=✅ stage deployed — ${SHA:0:7} → https://food-market.zat.kz" \
            > /dev/null

      - name: Notify Telegram on failure
        if: failure()
        env:
          BOT: ${{ secrets.TELEGRAM_BOT_TOKEN }}
          CHAT: ${{ secrets.TELEGRAM_CHAT_ID }}
          SHA: ${{ github.sha }}
        run: |
          curl -sS -X POST "https://api.telegram.org/bot$BOT/sendMessage" \
            --data-urlencode "chat_id=$CHAT" \
            --data-urlencode "text=❌ stage deploy FAILED — ${SHA:0:7}" \
            > /dev/null