stages:
  - build
  - deploy

variables:
  DOCKER_BUILDKIT: "1"
  COMPOSE_DOCKER_CLI_BUILD: "1"
  DOCKER_DRIVER: overlay2
  IMAGE_NAME: "$CI_REGISTRY_IMAGE/web-lti:development_${CI_COMMIT_SHORT_SHA}"
  NPM_CACHE_DIR: "$CI_PROJECT_DIR/.npm"

cache:
  key: npm-cache
  paths:
    - .npm/

# =========================
# 🏗️ BUILD STAGE
# =========================
build-image:
  stage: build
  image: docker:27.0.3
  services:
    - docker:dind

  before_script:
    - echo "Logging in to GitLab Container Registry..."
    - echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin "$CI_REGISTRY"

  script:
    - echo "Building optimized Docker image..."
    - docker build --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from "$CI_REGISTRY_IMAGE/web-lti:latest" -t "$IMAGE_NAME" .
    - docker push "$IMAGE_NAME"
    - echo "Cleaning old images..."
    - docker image prune -af --filter "until=72h"

  rules:
    - if: '$CI_COMMIT_BRANCH == "development"'

# =========================
# 🚀 DEPLOY STAGE
# =========================
deploy-dev:
  stage: deploy
  image: alpine:3.20

  before_script:
    - echo "Installing dependencies..."
    - apk add --no-cache openssh curl
    - mkdir -p ~/.ssh
    - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
    - eval $(ssh-agent -s)
    - ssh-add ~/.ssh/id_rsa
    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts

  script:
    - echo "Deploying image to $SERVER_USER@$SERVER_IP"
    - >
      ssh -o StrictHostKeyChecking=no "$SERVER_USER@$SERVER_IP" "
        docker pull $CI_REGISTRY_IMAGE/web-lti:development_${CI_COMMIT_SHORT_SHA} &&
        docker stop dev-web-lti || true &&
        docker rm dev-web-lti || true &&
        docker run -d --name dev-web-lti \
          --network dev-lti-network \
          -p 3002:3000 \
          $CI_REGISTRY_IMAGE/web-lti:development_${CI_COMMIT_SHORT_SHA}
      "

  rules:
    - if: '$CI_COMMIT_BRANCH == "development"'