name: Deploy

on:
  push:
    branches: [dev]

env:
  REGISTRY: gitea.d3m0k1d.ru

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Setup SSH
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
          chmod 600 ~/.ssh/id_rsa

      - name: Install Ansible
        run: apt update && apt install -y ansible

      - name: Login to registry
        run: echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login $REGISTRY -u "${{ secrets.REGISTRY_USER }}" --password-stdin

      - name: Build and push
        run: |
          IMAGE=$REGISTRY/hellreign/frontend
          docker build -f dockerfile -t $IMAGE:dev -t $IMAGE:latest .
          docker push $IMAGE:dev
          docker push $IMAGE:latest

      - name: Deploy
        run: |
          echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > .vault_pass
          ansible-playbook -i infra/ansible/inventory/hosts.yml infra/ansible/playbook.yml \
            --vault-password-file .vault_pass \
            -e registry=$REGISTRY \
            -e tag=latest
          rm .vault_pass