name: Deploy Backend and Backoffice Dev

on:
  workflow_dispatch:
  push:
    branches:
      - dev
#teste
jobs:
  build-and-push:
    runs-on: self-hosted 
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install Docker CLI & Setup Buildx
        run: |
          # Baixa o binário estático do Docker
          curl -fsSL https://download.docker.com/linux/static/stable/x86_64/docker-24.0.9.tgz | tar -xz --strip-components=1 -C /usr/local/bin/ docker/docker
          chmod +x /usr/local/bin/docker
          
          # CRUCIAL: Faz o Docker reconhecer o Buildx nativamente
          mkdir -p ~/.docker/cli-plugins/
          ln -s /usr/local/bin/docker ~/.docker/cli-plugins/docker-buildx
          
          echo "Verificando conexão com o Daemon..."
          if docker version &>/dev/null; then
            echo "Docker conectado via Socket com sucesso!"
          else
            echo "Erro: Socket inacessível."
            exit 1
          fi

      - name: Set up Docker Buildx (Native)
        run: |
          # Inicializa o builder local sem downloads externos
          docker buildx create --use --driver docker-container --name local-builder || docker buildx use local-builder
          docker buildx inspect --bootstrap

      - name: Login to Forgejo Registry
        uses: docker/login-action@v3
        with:
          registry: pipe.gohorsejobs.com
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and Push Backend
        uses: docker/build-push-action@v5
        with:
          context: ./backend
          file: ./backend/Dockerfile
          push: true
          tags: |
            pipe.gohorsejobs.com/bohessefm/gohorsejobs:latest
            pipe.gohorsejobs.com/bohessefm/gohorsejobs:${{ github.sha }}
          build-args: |
            MTU=${{ vars.MTU }}

      - name: Build and Push Backoffice
        uses: docker/build-push-action@v5
        with:
          context: ./backoffice
          file: ./backoffice/Dockerfile
          push: true
          tags: |
            pipe.gohorsejobs.com/bohessefm/backoffice:latest
            pipe.gohorsejobs.com/bohessefm/backoffice:${{ github.sha }}
          build-args: |
            MTU=${{ vars.MTU }}

  deploy-to-k3s:
    needs: build-and-push
    runs-on: self-hosted 
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Kubectl
        uses: azure/k8s-set-context@v3
        with:
          method: kubeconfig
          kubeconfig: ${{ secrets.KUBECONFIG }}

      - name: Update Kubernetes Secrets
        run: |
          cat <<EOF > .env.k8s
          MTU=${{ vars.MTU }}
          DATABASE_URL=${{ vars.DATABASE_URL }}
          AWS_REGION=${{ vars.AWS_REGION }}
          AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY=${{ vars.AWS_SECRET_ACCESS_KEY }}
          AWS_ENDPOINT=${{ vars.AWS_ENDPOINT }}
          S3_BUCKET=${{ vars.S3_BUCKET }}
          JWT_SECRET=${{ vars.JWT_SECRET }}
          JWT_EXPIRATION=${{ vars.JWT_EXPIRATION }}
          PASSWORD_PEPPER=${{ vars.PASSWORD_PEPPER }}
          COOKIE_SECRET=${{ vars.COOKIE_SECRET }}
          COOKIE_DOMAIN=${{ vars.COOKIE_DOMAIN }}
          BACKEND_PORT=${{ vars.BACKEND_PORT }}
          BACKEND_HOST=${{ vars.BACKEND_HOST }}
          CORS_ORIGINS=${{ vars.CORS_ORIGINS }}
          AMQP_URL=${{ vars.AMQP_URL }}
          ENV=${{ vars.ENV }}
          EOF

          kubectl -n gohorsejobsdev delete secret backend-secrets --ignore-not-found
          kubectl -n gohorsejobsdev create secret generic backend-secrets --from-env-file=.env.k8s

      - name: Apply K8s Manifests
        run: |
          kubectl apply -f k8s/dev/ -n gohorsejobsdev
          kubectl -n gohorsejobsdev rollout restart deployment gohorse-backend-dev
          kubectl -n gohorsejobsdev rollout restart deployment gohorse-backoffice-dev