---
name: CI/CD Pipeline

on:
  push:
    branches: [main, flip_dev]

jobs:
  lint:
    runs-on: docker
    container:
      image: node:20-bullseye
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install Python & linters
        run: |
          apt-get update && apt-get install -y python3 python3-pip bash git
          pip3 install --upgrade pip
          pip3 install yamllint ansible-lint

      - name: Run linters
        run: |
          yamllint .
    
  deploy:
    runs-on: docker
    container:
      image: node:20-bullseye
    needs: build
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install Ansible & dependencies
        run: |
          apt-get update && apt-get install -y python3 python3-pip openssh-client bash git
          pip3 install --upgrade pip
          pip3 install ansible
      
      - name: Setup SSH key with passphrase
        run: |
          mkdir -p ~/.ssh
          printf "%s\n" "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -H 213.95.90.157 >> ~/.ssh/known_hosts
          eval "$(ssh-agent -s)"
          ssh-add ~/.ssh/id_rsa <<< "${{ secrets.SSH_PASSPHRASE }}"


      - name: Run Ansible deployment
        run: |
          if [ -n "$SSH_PASSPHRASE" ]; then
            eval "$(ssh-agent -s)"
            ssh-add ~/.ssh/id_rsa <<< "$SSH_PASSPHRASE"
          fi
          ansible-playbook -i ansible/inventory.yaml site.yaml