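# Gitea Actions CI/CD pipeline: lint → test → deploy
# Triggers on push to the main branch and on manual workflow_dispatch.
#
# Required variables and secrets (set in Gitea repo settings):
#   Variables:
#     DEPLOY_HOST     — server IP or hostname
#     DEPLOY_PATH     — absolute path to the directory on the server
#     DEPLOY_USER     — SSH username on the server
#     SSH_KNOWN_HOSTS — SSH known_hosts entry / host-key fingerprint used to
#                       verify the server's identity
#     SSH_PORT        — SSH port of the server
#   Secrets:
#     SSH_PRIVATE_KEY — SSH private key for deployment

name: Deploy

on:
  push:
    branches: [main]
  workflow_dispatch:
    inputs:
      run_setup_db:
        description: "Run deploy/setup_db.sh to configure DB and run migrations"
        required: false
        type: boolean
        default: false

jobs:
  # Static analysis of the backend package; the later jobs depend on it.
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
      # ruff is installed unpinned, so the lint result can change between runs.
      - run: pip install ruff
      - run: ruff check app/

  # Backend tests against a throwaway PostgreSQL service, then frontend build.
  test:
    needs: lint
    runs-on: ubuntu-latest
    services:
      postgres:
        image: postgres:16
        # Credentials for the ephemeral CI database only; they are repeated in
        # DATABASE_URL below and must never match a real environment.
        env:
          POSTGRES_DB: test_db
          POSTGRES_USER: test_user
          POSTGRES_PASSWORD: test_pass
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
      - uses: actions/setup-node@v4
        with:
          node-version: "20"
      - run: pip install -e ".[dev]"
      - run: alembic upgrade head
        env:
          DATABASE_URL: postgresql+asyncpg://test_user:test_pass@postgres:5432/test_db
      - run: pytest --tb=short
        env:
          DATABASE_URL: postgresql+asyncpg://test_user:test_pass@postgres:5432/test_db
      # Frontend tests run only when vitest resolves; the build always runs.
      - run: |
          cd frontend
          npm ci
          if node -e "require.resolve('vitest/package.json')" >/dev/null 2>&1; then
            npm test
          else
            echo "vitest not configured; skipping frontend tests"
          fi
          npm run build

  # Runs the deployment script on the server over SSH once tests have passed.
  deploy:
    needs: test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Deploy via SSH
        # This third-party action receives SSH_PRIVATE_KEY. The v1 tag is
        # mutable; pinning to a reviewed full commit SHA limits supply-chain
        # exposure.
        uses: appleboy/ssh-action@v1
        # Values reach the remote script as environment variables (see `envs`)
        # rather than being expanded into the script text, so a path with
        # spaces or shell metacharacters cannot alter the commands that run.
        env:
          DEPLOY_PATH: ${{ vars.DEPLOY_PATH }}
          RUN_SETUP_DB: ${{ inputs.run_setup_db }}
          RUN_SETUP_DB_EVENT: ${{ github.event.inputs.run_setup_db }}
        with:
          host: ${{ vars.DEPLOY_HOST }}
          port: ${{ vars.SSH_PORT }}
          username: ${{ vars.DEPLOY_USER }}
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          # NOTE(review): confirm that this action version accepts a
          # `known_hosts` input. Its documentation describes `fingerprint` for
          # host-key verification, and an unrecognised input is ignored, which
          # would leave the server's host key unverified.
          known_hosts: ${{ vars.SSH_KNOWN_HOSTS }}
          envs: DEPLOY_PATH,RUN_SETUP_DB,RUN_SETUP_DB_EVENT
          # `set -e` aborts on the first failing command, so a failed cd, pull,
          # install, migration or build no longer ends in a service restart.
          # The script pulls origin/main as it is at deploy time, which may be
          # newer than the commit that was linted and tested. The final step
          # needs non-interactive sudo; presumably the deploy user's sudoers
          # entry is limited to this one command — verify.
          script: |
            set -e
            cd "$DEPLOY_PATH"
            git pull origin main
            source .venv/bin/activate
            pip install -e .
            if [ "$RUN_SETUP_DB" = "true" ] || [ "$RUN_SETUP_DB_EVENT" = "true" ]; then
              chmod +x deploy/setup_db.sh
              ./deploy/setup_db.sh
            else
              alembic upgrade head
            fi
            cd frontend
            npm ci
            npm run build
            cd ..
            sudo systemctl restart stock-data-backend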