name: Build and Deploy

on:
  release:
    types: [published]

jobs:
  build:
    name: Build release archive
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Setup Node
        uses: actions/setup-node@v4
        with:
          node-version: 24
          cache: pnpm

      - name: Setup pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 11

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Build release archive
        run: pnpm build:tar

      - name: Upload build artifact
        uses: maxsargentdev/gitea-upload-artifact@v4
        with:
          name: dist-archive
          path: dist.tar.gz
          retention-days: 1

  upload-release-asset:
    name: Upload to Gitea Release
    needs: build
    runs-on: ubuntu-latest

    steps:
      - name: Download build artifact
        uses: christopherHX/gitea-download-artifact@v4
        with:
          name: dist-archive

      - name: Upload to Gitea Release
        run: |
          set -e
          RELEASE_ID=$(jq -r '.release.id' "$GITEA_EVENT_PATH")
          URL="${GITEA_SERVER_URL}/api/v1/repos/${GITEA_REPOSITORY}/releases/${RELEASE_ID}/assets?name=dist.tar.gz"
          curl -fsSL \
            -X POST \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/gzip" \
            --data-binary "@dist.tar.gz" \
            "${URL}"

  deploy-to-server:
    name: Deploy to onixbyte.cn
    needs: build
    runs-on: ubuntu-latest

    steps:
      - name: Download build artifact
        uses: christopherHX/gitea-download-artifact@v4
        with:
          name: dist-archive

      - name: Upload archive to server
        env:
          DEPLOY_HOST: ${{ vars.DEPLOY_HOST }}
          DEPLOY_USER: ${{ vars.DEPLOY_USER }}
          DEPLOY_PORT: ${{ vars.DEPLOY_PORT }}
          DEPLOY_SSH_KEY: ${{ secrets.DEPLOY_SSH_KEY }}
        run: |
          set -e
          SSH_DIR="${RUNNER_TEMP}/ssh"
          mkdir -p "$SSH_DIR"
          chmod 700 "$SSH_DIR"
          printf '%s\n' "$DEPLOY_SSH_KEY" > "$SSH_DIR/key"
          chmod 600 "$SSH_DIR/key"
          scp -i "$SSH_DIR/key" \
              -P "$DEPLOY_PORT" \
              -o StrictHostKeyChecking=accept-new \
              -o UserKnownHostsFile="$SSH_DIR/known_hosts" \
              dist.tar.gz \
              "${DEPLOY_USER}@${DEPLOY_HOST}:/tmp/dist.tar.gz"
          rm -rf "$SSH_DIR"

      - name: Extract archive and deploy
        uses: appleboy/ssh-action@v1.0.3
        with:
          host: ${{ vars.DEPLOY_HOST }}
          username: ${{ vars.DEPLOY_USER }}
          port: ${{ vars.DEPLOY_PORT }}
          key: ${{ secrets.DEPLOY_SSH_KEY }}
          script_stop: true
          script: |
            set -e
            DEPLOY_PATH="${{ vars.DEPLOY_PATH }}"
            mkdir -p "$DEPLOY_PATH"
            rm -rf "$DEPLOY_PATH"/*
            tar -xzf /tmp/dist.tar.gz -C "$DEPLOY_PATH" --strip-components=1
            chown -R caddy:caddy "$DEPLOY_PATH"
            rm -f /tmp/dist.tar.gz