name: CI/CD Pipeline

on:
  push:
    branches: [ main ]

jobs:
  lint:
    runs-on: docker
    steps:
      - uses: actions/checkout@v4

      - name: Install linters
        run: |
          apk add --no-cache python3 py3-pip
          pip install yamllint ansible-lint

      - name: YAML lint
        run: yamllint .

      - name: Ansible lint
        run: ansible-lint infrastructure/playbooks

  build:
    runs-on: docker
    needs: lint
    steps:
      - uses: actions/checkout@v4

      - name: Login to Gitea Registry
        run: |
          echo "${{ secrets.REGISTRY_PASSWORD }}" | \
          docker login dns.s-martika.com \
            -u "${{ secrets.REGISTRY_USER }}" \
            --password-stdin

      - name: Build Docker image
        run: |
          docker build \
            -t dns.s-martika.com/smartika/snake:latest \
            frontend/

      - name: Push Docker image
        run: |
          docker push dns.s-martika.com/smartika/snake:latest

  deploy:
    runs-on: docker
    needs: build
    steps:
      - uses: actions/checkout@v4

      - name: Setup SSH
        run: |
          apk add --no-cache openssh ansible
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa
          ssh-keyscan -H <SERVER_IP> >> ~/.ssh/known_hosts

      - name: Run Ansible deployment
        run: |
          ansible-playbook \
            -i infrastructure/inventory/hosts \
            infrastructure/playbooks/site.yml