stages:
  - deploy

deploy-dev:
  stage: deploy
  image: alpine:3.20

  rules:
    - if: '$CI_COMMIT_BRANCH == "development"'
      when: on_success
    - when: never

  variables:
    DEPLOY_APP: "LTI-MBUGROUP"
    GIT_SUBMODULE_STRATEGY: recursive
    GIT_DEPTH: "1"

  before_script:
    - echo "🧰 Installing dependencies..."
    - apk update && apk add --no-cache openssh git curl bash

    # Setup SSH di runner
    - mkdir -p ~/.ssh
    - echo "$SSH_PRIVATE_KEY" | tr -d '\r' > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
    - eval "$(ssh-agent -s)"
    - ssh-add ~/.ssh/id_rsa

    # Trust host keys (server + gitlab) biar SSH gak nanya interaktif
    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
    - ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

  script:
    - echo "🚀 Deploying latest code to $SERVER_USER@$SERVER_IP"
    - >
      if ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
        set -e

        cd /home/devops/docker/deployment/development/lti-api

        # Pastikan remote origin SSH (antisipasi kalau pernah ke-set HTTPS)
        git remote set-url origin git@gitlab.com:mbugroup/lti-api.git

        # Pastikan server percaya gitlab.com juga (untuk git fetch via SSH)
        mkdir -p ~/.ssh
        ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

        # Fetch/reset pakai SSH
        GIT_SSH_COMMAND='ssh -o StrictHostKeyChecking=no' git fetch origin development
        git reset --hard origin/development

        docker compose restart dev-api-lti || docker compose up -d dev-api-lti
      "; then
        STATUS='success';
      else
        STATUS='failed';
      fi;

      RUN_URL="${CI_PROJECT_URL}/-/pipelines/${CI_PIPELINE_ID}";

      if [ "$STATUS" = "success" ]; then
        COLOR=3066993;
        TITLE="✅ Deployment API Succeeded";
        DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` completed successfully.";
      else
        COLOR=15158332;
        TITLE="❌ Deployment API Failed Gaes";
        DESC="Deployment job on branch \`${CI_COMMIT_REF_NAME}\` failed.";
      fi;

      echo "{
        \"username\": \"CI Bot\",
        \"embeds\": [{
          \"title\": \"$TITLE\",
          \"description\": \"$DESC\",
          \"color\": $COLOR,
          \"fields\": [
            {\"name\": \"Repository\", \"value\": \"${CI_PROJECT_PATH}\", \"inline\": true},
            {\"name\": \"Actor\", \"value\": \"${GITLAB_USER_LOGIN}\", \"inline\": true},
            {\"name\": \"Commit\", \"value\": \"${CI_COMMIT_SHA}\", \"inline\": false},
            {\"name\": \"Pipeline\", \"value\": \"[Open run](${RUN_URL})\", \"inline\": false}
          ]
        }]
      }" > payload.json;

      echo "📡 Sending notification to Discord...";
      curl -sS -H "Content-Type: application/json" \
        -d @payload.json "$DISCORD_WEBHOOK_URL";

  environment:
    name: development