name: Build and Deploy

on:
  push:
    branches:
      - master

jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Gitea
        uses: docker/login-action@v3
        with:
          registry: git.ulfrx.dev
          username: ${{ secrets.GIT_USERNAME }}
          password: ${{ secrets.GIT_TOKEN }}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          push: true
          tags: |
            git.ulfrx.dev/ulfr/recipe-mockup:latest
            git.ulfrx.dev/ulfr/recipe-mockup:${{ github.sha }}

      - name: Update image tag in infra repo
        run: |
          REPO="ulfr/homelab"
          FILE_PATH="stacks/recipe-mockup/docker-compose.yaml"
          NEW_TAG="${{ github.sha }}"
          API_URL="https://git.ulfrx.dev/api/v1/repos/${REPO}/contents/${FILE_PATH}"

          RESPONSE=$(curl -fsS \
            -H "Authorization: token ${{ secrets.GIT_TOKEN }}" \
            "${API_URL}")

          FILE_SHA=$(echo "$RESPONSE" | jq -r '.sha')
          CONTENT=$(echo "$RESPONSE" | jq -r '.content' | base64 -d)

          UPDATED=$(echo "$CONTENT" | sed "s|git.ulfrx.dev/ulfr/recipe-mockup:[a-zA-Z0-9._-]*|git.ulfrx.dev/ulfr/recipe-mockup:${NEW_TAG}|g")
          ENCODED=$(echo "$UPDATED" | base64 -w 0)

          curl -fsS -X PUT \
            -H "Authorization: token ${{ secrets.GIT_TOKEN }}" \
            -H "Content-Type: application/json" \
            -d "{\"message\":\"deploy: recipe-mockup ${NEW_TAG::7}\",\"content\":\"${ENCODED}\",\"sha\":\"${FILE_SHA}\"}" \
            "${API_URL}"

      - name: Trigger Dockhand redeploy
        run: |
          curl -fsS "${{ secrets.DOCKHAND_WEBHOOK_URL }}?secret=${{ secrets.DOCKHAND_WEBHOOK_SECRET }}"