# Woodpecker CI/CD Pipeline für Production Deployments
# Datei: .woodpecker-deployment.yml

when:
  - event: [push, manual, deployment]
    branch: [main, production]

variables:
  - &production_host "prod-server.pp1l.de"
  - &deploy_user "gameadm"

steps:
  # Build und Test Phase (aus existing Pipeline)
  build_test:
    image: alpine:latest
    commands:
      - echo "Führe Build und Tests durch..."
      - apk add --no-cache bash curl git
      - bash -n bin/gameadm
      - bash -n bin/gameadm-quadlet
      - echo "Build Tests erfolgreich"

  # Production Deployment Vorbereitung
  prepare_deployment:
    image: alpine:latest
    commands:
      - echo "Bereite Production Deployment vor..."
      - apk add --no-cache openssh-client rsync
      - echo "Deployment Vorbereitung abgeschlossen"

  # Minecraft Server Deployment
  deploy_minecraft:
    image: alpine:latest
    secrets: [ssh_private_key, production_host]
    commands:
      - echo "Deploye Minecraft Server auf Production..."
      - apk add --no-cache openssh-client
      - mkdir -p ~/.ssh
      - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
      - chmod 600 ~/.ssh/id_rsa
      - ssh-keyscan -H $PRODUCTION_HOST >> ~/.ssh/known_hosts
      - echo "Übertrage gameadm Updates..."
      - scp -r bin/ modules/ production/ $DEPLOY_USER@$PRODUCTION_HOST:/tmp/gameadm-update/
      - echo "Führe Remote Deployment durch..."
      - ssh $DEPLOY_USER@$PRODUCTION_HOST << 'EOF'
        # Backup der aktuellen Installation
        sudo cp -r /usr/local/bin/gameadm /tmp/gameadm-backup-$(date +%Y%m%d-%H%M%S) || true
        
        # Update gameadm
        sudo cp /tmp/gameadm-update/bin/* /usr/local/bin/
        sudo cp -r /tmp/gameadm-update/modules/* /etc/gameadm/modules/
        sudo cp -r /tmp/gameadm-update/production/* /etc/gameadm/production/
        
        # Quadlet Update
        gameadm-quadlet deploy minecraft
        
        # Zero-Downtime Update
        gameadm-quadlet update minecraft
        
        # Health Check
        sleep 10
        gameadm-quadlet status minecraft
      EOF
      - echo "Minecraft Deployment abgeschlossen"
    when:
      - event: [push, manual]
        branch: main

  # Rust Server Deployment  
  deploy_rust:
    image: alpine:latest
    secrets: [ssh_private_key, production_host]
    commands:
      - echo "Deploye Rust Server auf Production..."
      - apk add --no-cache openssh-client
      - mkdir -p ~/.ssh
      - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
      - chmod 600 ~/.ssh/id_rsa
      - ssh-keyscan -H $PRODUCTION_HOST >> ~/.ssh/known_hosts
      - echo "Führe Rust Deployment durch..."
      - ssh $DEPLOY_USER@$PRODUCTION_HOST << 'EOF'
        # Quadlet Update
        gameadm-quadlet deploy rust
        
        # Zero-Downtime Update
        gameadm-quadlet update rust
        
        # Health Check
        sleep 15
        gameadm-quadlet status rust
      EOF
      - echo "Rust Deployment abgeschlossen"
    when:
      - event: [push, manual]
        branch: main

  # Health Check und Monitoring
  health_check:
    image: alpine:latest
    secrets: [ssh_private_key, production_host]
    commands:
      - echo "Führe Production Health Checks durch..."
      - apk add --no-cache openssh-client curl
      - mkdir -p ~/.ssh
      - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
      - chmod 600 ~/.ssh/id_rsa
      - ssh-keyscan -H $PRODUCTION_HOST >> ~/.ssh/known_hosts
      - echo "Prüfe Service Status..."
      - ssh $DEPLOY_USER@$PRODUCTION_HOST << 'EOF'
        echo "=== Minecraft Status ==="
        gameadm-quadlet status minecraft | head -20
        
        echo "=== Rust Status ==="
        gameadm-quadlet status rust | head -20
        
        echo "=== Container Status ==="
        podman ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
        
        echo "=== Port Checks ==="
        netstat -tlnp | grep -E "(25565|28015)" || echo "Ports werden geprüft..."
      EOF
      - echo "Health Checks abgeschlossen"

  # Rollback Mechanismus (bei Fehlern)
  rollback:
    image: alpine:latest
    secrets: [ssh_private_key, production_host]
    commands:
      - echo "Führe Rollback durch..."
      - apk add --no-cache openssh-client
      - mkdir -p ~/.ssh
      - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
      - chmod 600 ~/.ssh/id_rsa
      - ssh-keyscan -H $PRODUCTION_HOST >> ~/.ssh/known_hosts
      - ssh $DEPLOY_USER@$PRODUCTION_HOST << 'EOF'
        echo "Rollback zu vorheriger Version..."
        # Restore Backup
        latest_backup=$(ls -t /tmp/gameadm-backup-* 2>/dev/null | head -1)
        if [[ -f "$latest_backup" ]]; then
          sudo cp "$latest_backup" /usr/local/bin/gameadm
          echo "Rollback abgeschlossen: $latest_backup"
        else
          echo "Kein Backup gefunden"
        fi
        
        # Restart Services
        gameadm-quadlet restart minecraft
        gameadm-quadlet restart rust
      EOF
    when:
      - event: manual
        evaluate: 'CI_PIPELINE_STATUS == "failure"'

  # Deployment Benachrichtigung
  notify_success:
    image: alpine:latest
    commands:
      - echo "Production Deployment erfolgreich!"
      - echo "Services aktualisiert:"
      - echo "- Minecraft Server: Port 25565"
      - echo "- Rust Server: Port 28015"
      - echo "Monitoring: systemctl status minecraft rust"
      - date
    when:
      - event: [push, manual]
        evaluate: 'CI_PIPELINE_STATUS == "success"'