kind: pipeline
type: kubernetes
name: deploy-backend

steps:
  - name: build-and-push-backend
    image: plugins/docker:latest
    settings:
      registry: in.gohorsejobs.com
      repo: in.gohorsejobs.com/gohorsejobs/gohorsejobs-backend
      tags:
        - latest
      context: backend
      dockerfile: backend/Dockerfile
      insecure: true
      insecure_skip_verify: true
      debug: true
      username:
        from_secret: HARBOR_USERNAME
      password:
        from_secret: HARBOR_PASSWORD

  - name: export-envs-to-k8s
    image: bitnami/kubectl:latest
    environment:
      KUBECONFIG_DATA:
        from_secret: K3S_KUBECONFIG
      AWS_ACCESS_KEY_ID:
        from_secret: AWS_ACCESS_KEY_ID
      AWS_ENDPOINT:
        from_secret: AWS_ENDPOINT
      AWS_REGION:
        from_secret: AWS_REGION
      AWS_SECRET_ACCESS_KEY:
        from_secret: AWS_SECRET_ACCESS_KEY
      CORS_ORIGINS:
        from_secret: CORS_ORIGINS
      DB_HOST:
        from_secret: DB_HOST
      DB_NAME:
        from_secret: DB_NAME
      DB_PASSWORD:
        from_secret: DB_PASSWORD
      DB_PORT:
        from_secret: DB_PORT
      DB_SSLMODE:
        from_secret: DB_SSLMODE
      DB_USER:
        from_secret: DB_USER
      ENV:
        from_secret: ENV
      JWT_SECRET:
        from_secret: JWT_SECRET
      MAX_UPLOAD_CAD_SIZE:
        from_secret: MAX_UPLOAD_CAD_SIZE
      PORT:
        from_secret: PORT
      S3_BUCKET:
        from_secret: S3_BUCKET
      UPLOAD_DIR:
        from_secret: UPLOAD_DIR
    commands:
      # --- DEBUG HOME ---
      - echo "--- DEBUG HOME ---"
      - whoami
      - echo "HOME=$HOME"
      - pwd
      - ls -la $HOME || echo "HOME inválido"
      - echo "--- END DEBUG ---"

      # Criar kubeconfig no HOME real
      - mkdir -p $HOME/.kube
      - echo "$KUBECONFIG_DATA" | base64 -d > $HOME/.kube/config
      - export KUBECONFIG=$HOME/.kube/config
      - kubectl get nodes || echo "Falha ao conectar no cluster"

      # Criar secrets de ambiente
      - |
        cat <<EOF > .env.k8s
        AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
        AWS_ENDPOINT=$AWS_ENDPOINT
        AWS_REGION=$AWS_REGION
        AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
        CORS_ORIGINS=$CORS_ORIGINS
        DB_HOST=$DB_HOST
        DB_NAME=$DB_NAME
        DB_PASSWORD=$DB_PASSWORD
        DB_PORT=$DB_PORT
        DB_SSLMODE=$DB_SSLMODE
        DB_USER=$DB_USER
        ENV=$ENV
        JWT_SECRET=$JWT_SECRET
        MAX_UPLOAD_CAD_SIZE=$MAX_UPLOAD_CAD_SIZE
        PORT=$PORT
        S3_BUCKET=$S3_BUCKET
        UPLOAD_DIR=$UPLOAD_DIR
        EOF
      - kubectl -n gohorsejobs delete secret backend-secrets --ignore-not-found
      - kubectl -n gohorsejobs create secret generic backend-secrets --from-env-file=.env.k8s

  - name: deploy-backend
    image: bitnami/kubectl:latest
    environment:
      KUBECONFIG_DATA:
        from_secret: K3S_KUBECONFIG
    commands:
      # --- DEBUG HOME ---
      - echo "--- DEBUG HOME ---"
      - whoami
      - echo "HOME=$HOME"
      - pwd
      - ls -la $HOME || echo "HOME inválido"
      - echo "--- END DEBUG ---"

      # Configurar kubeconfig
      - mkdir -p $HOME/.kube
      - echo "$KUBECONFIG_DATA" | base64 -d > $HOME/.kube/config
      - export KUBECONFIG=$HOME/.kube/config

      # Deploy
      - kubectl apply -f k8s/backend-deployment.yaml
      - kubectl apply -f k8s/backend-service.yaml