# Woodpecker CI - Admin build + GitOps update
#
# Secrets required:
# - REGISTRY_HOSTPORT, REGISTRY_USERNAME, REGISTRY_PASSWORD (existing)
# - GITOPS_REPO_URL, GITOPS_BRANCH, GITOPS_TOKEN, GITOPS_USERNAME, GITOPS_EMAIL

when:
  branch: [main, high-performance]
  event: push

steps:
  - name: build-and-push
    image: woodpeckerci/plugin-kaniko:2.1.1
    settings:
      registry:
        from_secret: REGISTRY_HOSTPORT
      repo: nxtgauge-admin-solid
      dockerfile: Dockerfile.simple
      tags:
        - ${CI_COMMIT_SHA}
        - latest
        - high-performance-latest
      username:
        from_secret: GHCR_USERNAME
      password:
        from_secret: GHCR_TOKEN
      insecure: true
      insecure_pull: true
      skip_tls_verify: true
      platforms: linux/amd64
      cache: false

  - name: update-gitops
    image: alpine:latest
    environment:
      GITOPS_REPO_URL:
        from_secret: GITOPS_REPO_URL
      GITOPS_BRANCH:
        from_secret: GITOPS_BRANCH
      GITOPS_TOKEN:
        from_secret: GITOPS_TOKEN
    commands:
      - |
        set -e
        apk add --no-cache git bash sed

        echo "Updating GitOps for nxtgauge-admin-solid"

        # Clone gitops repo
        GIT_REPO=$(echo "${GITOPS_REPO_URL}" | sed 's|https://||')
        git clone "https://x-access-token:${GITOPS_TOKEN}@${GIT_REPO}" /tmp/gitops
        cd /tmp/gitops
        git checkout ${GITOPS_BRANCH:-main}

        # Update admin overlay
        ADMIN_OVERLAY="apps/nxtgauge-admin-solid/overlays/prod"
        if [ -f "${ADMIN_OVERLAY}/kustomization.yaml" ]; then
          sed -i "s|image: registry.nxtgauge.com:5000/nxtgauge-admin-solid:.*|image: registry.nxtgauge.com:5000/nxtgauge-admin-solid:${CI_COMMIT_SHA}|" \
            ${ADMIN_OVERLAY}/kustomization.yaml
          echo "Updated admin image to ${CI_COMMIT_SHA}"
        fi

        # Also update base if needed
        ADMIN_BASE="apps/nxtgauge-admin-solid/base"
        if [ -f "${ADMIN_BASE}/deployment.yaml" ]; then
          sed -i "s|image: registry.nxtgauge.com:5000/nxtgauge-admin-solid.*|image: registry.nxtgauge.com:5000/nxtgauge-admin-solid:${CI_COMMIT_SHA}|" \
            ${ADMIN_BASE}/deployment.yaml
          echo "Updated admin base deployment"
        fi

        # Commit if changed
        if ! git diff --quiet; then
          git add -A
          git commit -m "ci: update nxtgauge-admin-solid to ${CI_COMMIT_SHA:0:8}"
          git push origin ${GITOPS_BRANCH:-main}
          echo "Pushed GitOps update"
        else
          echo "No changes to push"
        fi
    when:
      status: success