name: Deploy to Production

on:
  push:
    branches:
      - prod

jobs:
  validate:
    name: Validate Build & Lint
    runs-on: ubuntu-latest
    strategy:
      matrix:
        component: [backend, frontend, documentation]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Install pnpm
        uses: pnpm/action-setup@v4
        with:
          version: 9

      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
          node-version: 20

      - name: Get pnpm store directory
        id: pnpm-cache
        shell: bash
        run: |
          echo "STORE_PATH=$(pnpm store path --silent)" >> "${GITEA_OUTPUT:-$GITHUB_OUTPUT}"

      - name: Setup pnpm cache
        uses: actions/cache@v4
        with:
          path: ${{ steps.pnpm-cache.outputs.STORE_PATH }}
          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
          restore-keys: |
            ${{ runner.os }}-pnpm-store-

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Lint ${{ matrix.component }}
        run: pnpm -F @memegoat/${{ matrix.component }} lint

      - name: Build ${{ matrix.component }}
        run: pnpm -F @memegoat/${{ matrix.component }} build
        env:
          NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL }}

  deploy:
    name: Deploy to Production
    needs: validate
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Deploy with Docker Compose
        run: |
          docker compose -f docker-compose.prod.yml up -d --build
        env:
          BACKEND_PORT: ${{ secrets.BACKEND_PORT }}
          FRONTEND_PORT: ${{ secrets.FRONTEND_PORT }}
          POSTGRES_HOST: ${{ secrets.POSTGRES_HOST }}
          POSTGRES_PORT: ${{ secrets.POSTGRES_PORT }}
          POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
          POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
          POSTGRES_DB: ${{ secrets.POSTGRES_DB }}
          REDIS_HOST: ${{ secrets.REDIS_HOST }}
          REDIS_PORT: ${{ secrets.REDIS_PORT }}
          S3_ENDPOINT: ${{ secrets.S3_ENDPOINT }}
          S3_PORT: ${{ secrets.S3_PORT }}
          S3_ACCESS_KEY: ${{ secrets.S3_ACCESS_KEY }}
          S3_SECRET_KEY: ${{ secrets.S3_SECRET_KEY }}
          S3_BUCKET_NAME: ${{ secrets.S3_BUCKET_NAME }}
          JWT_SECRET: ${{ secrets.JWT_SECRET }}
          ENCRYPTION_KEY: ${{ secrets.ENCRYPTION_KEY }}
          PGP_ENCRYPTION_KEY: ${{ secrets.PGP_ENCRYPTION_KEY }}
          SESSION_PASSWORD: ${{ secrets.SESSION_PASSWORD }}
          MAIL_HOST: ${{ secrets.MAIL_HOST }}
          MAIL_PASS: ${{ secrets.MAIL_PASS }}
          MAIL_USER: ${{ secrets.MAIL_USER }}
          MAIL_FROM: ${{ secrets.MAIL_FROM }}
          DOMAIN_NAME: ${{ secrets.DOMAIN_NAME }}
          NEXT_PUBLIC_API_URL: ${{ secrets.NEXT_PUBLIC_API_URL }}