name: build-and-deploy

on:
  push:
    branches: [ main ]

jobs:
#───────────────── build & push ─────────────────
  build:
    runs-on: docker
    env:
      REG: gitea.nucleoriofrio.com/nucleo000
    steps:
      - uses: actions/checkout@v3
      - uses: docker/setup-buildx-action@v2
      - uses: docker/login-action@v2
        with:
          registry: gitea.nucleoriofrio.com
          username: nucleo000
          password: 7bc7b2fcd283bd6a251bef3ede368b7f897c919d

      - name: Build+push repodructor
        run: |
          docker build -t $REG/repodructor:${{ github.sha }} -t $REG/repodructor:latest .
          docker push $REG/repodructor:${{ github.sha }}
          docker push $REG/repodructor:latest

#───────────────── deploy ─────────────────
  deploy:
    needs: build
    runs-on: docker
    env:
      REG: gitea.nucleoriofrio.com/nucleo000
      NAS_PASSWORD: ${{ secrets.NAS_PASSWORD }}
    steps:
      - uses: actions/checkout@v3
      - name: Login to registry
        run: docker login gitea.nucleoriofrio.com -u nucleo000 -p 7bc7b2fcd283bd6a251bef3ede368b7f897c919d

      - name: Create environment file
        run: echo "NAS_PASSWORD=${{ secrets.NAS_PASSWORD }}" > .env

      - name: Pull fresh images used in compose
        run: docker compose pull

      - name: Clean up stack
        run: docker compose --project-name repodructor down

      - name: Update stack
        run: docker compose --project-name repodructor up -d --remove-orphans --wait