name: Deploy Pounce

on:
  push:
    branches:
      - main

env:
  REGISTRY: ghcr.io
  BACKEND_IMAGE: pounce-backend
  FRONTEND_IMAGE: pounce-frontend
  SERVER_HOST: 185.142.213.170

jobs:
  build-backend:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Build Backend Image
        run: |
          cd backend
          docker build -t ${{ env.BACKEND_IMAGE }}:${{ github.sha }} -t ${{ env.BACKEND_IMAGE }}:latest .

      - name: Save Backend Image
        run: |
          docker save ${{ env.BACKEND_IMAGE }}:latest | gzip > backend-image.tar.gz

      - name: Upload Backend Artifact
        uses: actions/upload-artifact@v4
        with:
          name: backend-image
          path: backend-image.tar.gz

  build-frontend:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Build Frontend Image
        run: |
          cd frontend
          docker build -t ${{ env.FRONTEND_IMAGE }}:${{ github.sha }} -t ${{ env.FRONTEND_IMAGE }}:latest \
            --build-arg NEXT_PUBLIC_API_URL=http://backend.185-142-213-170.sslip.io .

      - name: Save Frontend Image
        run: |
          docker save ${{ env.FRONTEND_IMAGE }}:latest | gzip > frontend-image.tar.gz

      - name: Upload Frontend Artifact
        uses: actions/upload-artifact@v4
        with:
          name: frontend-image
          path: frontend-image.tar.gz

  deploy:
    runs-on: ubuntu-latest
    needs: [build-backend, build-frontend]
    steps:
      - name: Download Backend Image
        uses: actions/download-artifact@v4
        with:
          name: backend-image

      - name: Download Frontend Image
        uses: actions/download-artifact@v4
        with:
          name: frontend-image

      - name: Setup SSH
        uses: webfactory/ssh-agent@v0.9.0
        with:
          ssh-private-key: ${{ secrets.DEPLOY_SSH_KEY }}

      - name: Deploy to Server
        run: |
          # Copy images to server
          scp -o StrictHostKeyChecking=no backend-image.tar.gz administrator@${{ env.SERVER_HOST }}:/tmp/
          scp -o StrictHostKeyChecking=no frontend-image.tar.gz administrator@${{ env.SERVER_HOST }}:/tmp/
          
          # Load and restart on server
          ssh -o StrictHostKeyChecking=no administrator@${{ env.SERVER_HOST }} << 'DEPLOY'
            # Load new images
            gunzip -c /tmp/backend-image.tar.gz | sudo docker load
            gunzip -c /tmp/frontend-image.tar.gz | sudo docker load
            
            # Restart containers with zero-downtime
            sudo docker stop pounce-backend-new 2>/dev/null || true
            sudo docker rm pounce-backend-new 2>/dev/null || true
            
            sudo docker run -d \
              --name pounce-backend-new \
              --network n0488s44osgoow4wgo04ogg0 \
              --restart unless-stopped \
              -e DATABASE_URL="postgresql+asyncpg://pounce:PounceDB2024!@supabase-db-n0488s44osgoow4wgo04ogg0:5432/pounce" \
              -e JWT_SECRET="${{ secrets.JWT_SECRET }}" \
              -e FRONTEND_URL="http://pounce.185-142-213-170.sslip.io" \
              -e ENVIRONMENT="production" \
              -l "traefik.enable=true" \
              -l "traefik.http.routers.pounce-backend.rule=Host(\`backend.185-142-213-170.sslip.io\`)" \
              -l "traefik.http.routers.pounce-backend.entryPoints=http" \
              -l "traefik.http.services.pounce-backend.loadbalancer.server.port=8000" \
              pounce-backend:latest
            
            # Also connect to coolify network
            sudo docker network connect coolify pounce-backend-new 2>/dev/null || true
            
            # Health check
            sleep 15
            if curl -s http://localhost:8001/health | grep -q healthy; then
              sudo docker stop pounce-backend 2>/dev/null || true
              sudo docker rm pounce-backend 2>/dev/null || true
              sudo docker rename pounce-backend-new pounce-backend
              echo "Backend deployed successfully!"
            else
              sudo docker stop pounce-backend-new
              sudo docker rm pounce-backend-new
              echo "Backend health check failed!"
              exit 1
            fi
            
            # Frontend
            sudo docker stop pounce-frontend-new 2>/dev/null || true
            sudo docker rm pounce-frontend-new 2>/dev/null || true
            
            sudo docker run -d \
              --name pounce-frontend-new \
              --network coolify \
              --restart unless-stopped \
              -e NEXT_PUBLIC_API_URL="http://backend.185-142-213-170.sslip.io" \
              -l "traefik.enable=true" \
              -l "traefik.http.routers.pounce-frontend.rule=Host(\`pounce.185-142-213-170.sslip.io\`)" \
              -l "traefik.http.routers.pounce-frontend.entryPoints=http" \
              -l "traefik.http.services.pounce-frontend.loadbalancer.server.port=3000" \
              pounce-frontend:latest
            
            sleep 10
            sudo docker stop pounce-frontend 2>/dev/null || true
            sudo docker rm pounce-frontend 2>/dev/null || true
            sudo docker rename pounce-frontend-new pounce-frontend
            
            # Cleanup
            rm -f /tmp/backend-image.tar.gz /tmp/frontend-image.tar.gz
            sudo docker image prune -f
            
            echo "Deployment complete!"
          DEPLOY

      - name: Verify Deployment
        run: |
          sleep 5
          curl -f http://backend.185-142-213-170.sslip.io/health || exit 1
          curl -f http://pounce.185-142-213-170.sslip.io || exit 1
          echo "All services healthy!"