name: Test & Deploy API
run-name: ${{ gitea.ref_name }} → Docker LXC

on:
  push:
    tags:
      - 'v*'

jobs:
  # ── 1. Run tests in an isolated Python container ──────────────────
  test:
    runs-on: ubuntu-latest
    container:
      image: python:3.12-slim

    steps:
      - name: Install git
        run: apt-get update && apt-get install -y --no-install-recommends git

      - name: Checkout Code
        run: |
          git clone --depth 1 --branch "${GITHUB_REF_NAME}" \
            "http://10.0.0.119:3000/${GITHUB_REPOSITORY}.git" . || \
          git clone --depth 1 "http://10.0.0.119:3000/${GITHUB_REPOSITORY}.git" . && \
          git checkout "${GITHUB_SHA}"

      - name: Install Dependencies
        run: pip install --no-cache-dir -r requirements.txt

      - name: Run Linter
        run: ruff check app/ tests/

      - name: Run Tests
        run: pytest tests/ -v --tb=short

  # ── 2. Deploy to Docker LXC (only main branch & tags) ─────────────
  deploy:
    needs: test
    runs-on: ubuntu-latest
    if: gitea.event_name == 'push'

    steps:
      - name: Checkout Code
        run: |
          cd /tmp
          rm -rf adiuva-api-deploy
          git clone --depth 1 "http://10.0.0.119:3000/${GITHUB_REPOSITORY}.git" adiuva-api-deploy || \
          git clone --depth 1 "http://10.0.0.119:3000/${GITHUB_REPOSITORY}.git" adiuva-api-deploy
          cd adiuva-api-deploy && git checkout "${GITHUB_SHA}" 2>/dev/null || true

      - name: Sync to deploy directory
        run: |
          DEPLOY_DIR="/opt/adiuva-api"
          SRC="/tmp/adiuva-api-deploy"
          mkdir -p "$DEPLOY_DIR"

          # Sync source, preserve .env and volumes
          cp -rf "$SRC/app/" "$SRC/alembic/" "$SRC/alembic.ini" "$SRC/Dockerfile" "$SRC/docker-compose.yml" "$SRC/requirements.txt" "$DEPLOY_DIR/"

      - name: Build & restart services
        run: |
          cd /opt/adiuva-api
          docker compose up -d --build --remove-orphans

      - name: Run database migrations
        run: |
          cd /opt/adiuva-api
          docker compose exec -T app alembic upgrade head

      - name: Verify deployment
        run: |
          echo "Waiting for app to be ready..."
          sleep 5

          HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8000/api/v1/health)
          if [ "$HTTP_CODE" -eq 200 ]; then
            echo "✅ API is healthy (HTTP ${HTTP_CODE})"
          else
            echo "❌ Health check failed (HTTP ${HTTP_CODE})"
            docker compose -f /opt/adiuva-api/docker-compose.yml logs app --tail=50
            exit 1
          fi

      - name: Create Gitea Release (tags only)
        if: startsWith(gitea.ref, 'refs/tags/')
        run: |
          GITEA_URL="http://10.0.0.119:3000"
          TAG="${GITHUB_REF_NAME}"
          REPO="${GITHUB_REPOSITORY}"
          TOKEN="${{ gitea.token }}"

          RELEASE_ID=$(curl -sf \
            -H "Authorization: token ${TOKEN}" \
            "${GITEA_URL}/api/v1/repos/${REPO}/releases/tags/${TAG}" \
            | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)

          if [ -z "$RELEASE_ID" ]; then
            curl -sf \
              -X POST \
              -H "Authorization: token ${TOKEN}" \
              -H "Content-Type: application/json" \
              -d "{\"tag_name\":\"${TAG}\",\"name\":\"Adiuva API ${TAG}\",\"body\":\"Deployed to Docker LXC\"}" \
              "${GITEA_URL}/api/v1/repos/${REPO}/releases"
            echo "✅ Release ${TAG} created"
          else
            echo "ℹ️  Release ${TAG} already exists (ID: ${RELEASE_ID})"
          fi