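---
# Woodpecker CI Pipeline
# https://woodpecker-ci.org/docs/usage/pipeline-syntax
#
# Flow: lint and tests run on every push and pull request. Image builds, the
# registry push, the staging deploy and the notifications run only for pushes
# to main.

# Anchors for the images shared by several steps.
variables:
  - &python_image python:3.11-slim
  - &docker_image docker:24-dind

# Clone settings
clone:
  git:
    # NOTE(review): no tag is given, so this resolves to the registry's
    # latest tag. Pin to a reviewed tag or digest.
    image: woodpeckerci/plugin-git
    settings:
      depth: 50

# Pipeline steps
steps:
  # ==========================================================================
  # Lint and Test
  # ==========================================================================

  lint:
    image: *python_image
    commands:
      # NOTE(review): tool versions are unpinned, and mypy is installed but no
      # mypy command is run in this step.
      - pip install ruff mypy
      - ruff check services/ shared/
      - ruff format --check services/ shared/
    when:
      event: [push, pull_request]

  test-shared:
    image: *python_image
    commands:
      - pip install pytest pytest-asyncio redis asyncpg
      # Install the optional requirements file only when it exists (same guard
      # as test-services). A failed install now fails the step instead of
      # being hidden by "|| true".
      - |
        if [ -f shared/events/requirements.txt ]; then
          pip install -r shared/events/requirements.txt
        fi
      - pytest shared/ -v --tb=short
    when:
      event: [push, pull_request]

  test-services:
    image: *python_image
    commands:
      - pip install pytest pytest-asyncio grpcio grpcio-tools
      - |
        for svc in collector aggregator gateway alerts; do
          if [ -f "services/$svc/requirements.txt" ]; then
            pip install -r "services/$svc/requirements.txt"
          fi
        done
      # This step used to end in "|| true", so failing service tests never
      # stopped the build, push and deploy steps below. Only pytest status 5
      # (no tests collected) is tolerated now; any other non-zero status fails
      # the step.
      - |
        rc=0
        pytest services/ -v --tb=short || rc=$?
        if [ "$rc" -ne 0 ] && [ "$rc" -ne 5 ]; then
          exit "$rc"
        fi
    when:
      event: [push, pull_request]

  # ==========================================================================
  # Build Docker Images
  # ==========================================================================
  # Every build step mounts the host's Docker socket, so its commands drive the
  # agent host's Docker daemon. That is root-equivalent access to the host.
  # Woodpecker only honours `volumes` for repositories marked trusted. Keep
  # these steps limited to pushes on main, as they are here, so pull-request
  # code never runs with the socket mounted.

  build-aggregator:
    image: *docker_image
    commands:
      - >-
        docker build
        -t sysmonstm/aggregator:${CI_COMMIT_SHA:0:7}
        -f services/aggregator/Dockerfile
        --target production .
      - >-
        docker tag
        sysmonstm/aggregator:${CI_COMMIT_SHA:0:7}
        sysmonstm/aggregator:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    when:
      event: push
      branch: main

  build-gateway:
    image: *docker_image
    commands:
      - >-
        docker build
        -t sysmonstm/gateway:${CI_COMMIT_SHA:0:7}
        -f services/gateway/Dockerfile
        --target production .
      - >-
        docker tag
        sysmonstm/gateway:${CI_COMMIT_SHA:0:7}
        sysmonstm/gateway:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    when:
      event: push
      branch: main

  build-collector:
    image: *docker_image
    commands:
      - >-
        docker build
        -t sysmonstm/collector:${CI_COMMIT_SHA:0:7}
        -f services/collector/Dockerfile
        --target production .
      - >-
        docker tag
        sysmonstm/collector:${CI_COMMIT_SHA:0:7}
        sysmonstm/collector:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    when:
      event: push
      branch: main

  build-alerts:
    image: *docker_image
    commands:
      - >-
        docker build
        -t sysmonstm/alerts:${CI_COMMIT_SHA:0:7}
        -f services/alerts/Dockerfile
        --target production .
      - >-
        docker tag
        sysmonstm/alerts:${CI_COMMIT_SHA:0:7}
        sysmonstm/alerts:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    when:
      event: push
      branch: main

  # ==========================================================================
  # Push to Registry
  # ==========================================================================

  push-images:
    image: *docker_image
    commands:
      # The password is passed on stdin so it does not appear in the process
      # argument list.
      - echo "$REGISTRY_PASSWORD" | docker login -u "$REGISTRY_USER" --password-stdin "$REGISTRY_URL"
      # Retag from this commit's short-SHA image, not from the local "latest".
      # The Docker daemon is the shared host daemon, so another pipeline can
      # move "latest" between the build steps and this one.
      - |
        for img in aggregator gateway collector alerts; do
          src="sysmonstm/$img:${CI_COMMIT_SHA:0:7}"
          docker tag "$src" "$REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}"
          docker tag "$src" "$REGISTRY_URL/sysmonstm/$img:latest"
          docker push "$REGISTRY_URL/sysmonstm/$img:${CI_COMMIT_SHA:0:7}"
          docker push "$REGISTRY_URL/sysmonstm/$img:latest"
        done
    # NOTE(review): newer Woodpecker releases appear to favour
    # `environment:` with `from_secret` over this list form. Confirm against
    # the server version in use.
    secrets: [registry_user, registry_password, registry_url]
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    when:
      event: push
      branch: main

  # ==========================================================================
  # Deploy to EC2
  # ==========================================================================

  deploy-staging:
    # NOTE(review): this third-party image receives the deploy SSH key and has
    # no tag, so it resolves to latest. Pin it to a reviewed tag or digest. If
    # the plugin version in use offers a host-key fingerprint setting,
    # configure it so the key is only presented to the expected host.
    image: appleboy/drone-ssh
    settings:
      host:
        from_secret: deploy_host
      username:
        from_secret: deploy_user
      key:
        from_secret: deploy_key
      script:
        - cd /home/ec2-user/sysmonstm
        # NOTE(review): this pulls whatever main points to at deploy time,
        # which is not necessarily the commit this pipeline built and pushed.
        - git pull origin main
        - docker-compose pull
        - docker-compose up -d --remove-orphans
        - docker system prune -f
    when:
      event: push
      branch: main

  # ==========================================================================
  # Notifications
  # ==========================================================================
  # NOTE(review): plugins/webhook is also untagged and receives the webhook
  # URL secret. Pin it as well.

  notify-success:
    image: plugins/webhook
    settings:
      urls:
        from_secret: webhook_url
      content_type: application/json
      template: |
        {
          "text": "✅ Build succeeded: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
          "commit": "${CI_COMMIT_SHA:0:7}",
          "branch": "${CI_COMMIT_BRANCH}",
          "author": "${CI_COMMIT_AUTHOR}"
        }
    when:
      status: success
      event: push
      branch: main

  notify-failure:
    image: plugins/webhook
    settings:
      urls:
        from_secret: webhook_url
      content_type: application/json
      template: |
        {
          "text": "❌ Build failed: ${CI_REPO_NAME}#${CI_BUILD_NUMBER}",
          "commit": "${CI_COMMIT_SHA:0:7}",
          "branch": "${CI_COMMIT_BRANCH}",
          "author": "${CI_COMMIT_AUTHOR}"
        }
    when:
      status: failure
      event: push
      branch: main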