# Build and Publish Docker image (runs on push to main - deploy manually)
# Secrets required in Woodpecker: gitea_registry_username, gitea_package_token, discord_webhook_url
# Project must be set to "Trusted" in Woodpecker for the Docker build step (privileged).
when:
  branch: main
  event: push

steps:
  - name: Docker image build
    image: docker:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    commands:
      - set -e
      - echo "=== Building Docker image ==="
      - 'echo "Commit SHA: ${CI_COMMIT_SHA:0:8}"'
      - |
        docker build \
          --tag git.mifi.dev/mifi-holdings/mail-autoconfig:${CI_COMMIT_SHA} \
          --tag git.mifi.dev/mifi-holdings/mail-autoconfig:latest \
          --label "git.commit=${CI_COMMIT_SHA}" \
          --label "git.branch=${CI_COMMIT_BRANCH}" \
          .

  - name: Send Build Status Notification (failure)
    image: curlimages/curl
    environment:
      DISCORD_WEBHOOK_URL:
        from_secret: discord_webhook_url
    commands:
      - |
        BODY=$(printf '{"username":"WoodpeckerBot","content":"[%s - Build #%s] Build failure 💩"}' "$CI_REPO" "$CI_PIPELINE_NUMBER")
        curl -sS -X POST -H "Content-Type: application/json" -d "$BODY" "$DISCORD_WEBHOOK_URL"
    depends_on:
      - Docker image build
    when:
      - status: [ failure ]

  - name: Push to registry
    image: docker:latest
    environment:
      REGISTRY_URL: git.mifi.dev
      REGISTRY_REPO: git.mifi.dev/mifi-holdings/mail-autoconfig
      REGISTRY_USERNAME:
        from_secret: gitea_registry_username
      REGISTRY_PASSWORD:
        from_secret: gitea_package_token
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    depends_on:
      - Docker image build
    commands:
      - set -e
      - echo "=== Pushing to registry ==="
      - echo "$REGISTRY_PASSWORD" | docker login "$REGISTRY_URL" -u "$REGISTRY_USERNAME" --password-stdin
      - docker push $REGISTRY_REPO:${CI_COMMIT_SHA}
      - docker push $REGISTRY_REPO:latest
      - echo "✓ Images pushed successfully"

  - name: Send Deploy Status Notification (success)
    image: curlimages/curl
    environment:
      DISCORD_WEBHOOK_URL:
        from_secret: discord_webhook_url
    commands:
      - |
        BODY=$(printf '{"username":"WoodpeckerBot","content":"[%s - Build #%s] Publish success 🎉"}' "$CI_REPO" "$CI_PIPELINE_NUMBER")
        curl -sS -X POST -H "Content-Type: application/json" -d "$BODY" "$DISCORD_WEBHOOK_URL"
    depends_on:
      - Push to registry
    when:
      - status: [ success ]

  - name: Send Deploy Status Notification (failure)
    image: curlimages/curl
    environment:
      DISCORD_WEBHOOK_URL:
        from_secret: discord_webhook_url
    commands:
      - |
        BODY=$(printf '{"username":"WoodpeckerBot","content":"[%s - Build #%s] Publish failure 💩"}' "$CI_REPO" "$CI_PIPELINE_NUMBER")
        curl -sS -X POST -H "Content-Type: application/json" -d "$BODY" "$DISCORD_WEBHOOK_URL"
    depends_on:
      - Push to registry
    when:
      - status: [ failure ]