chore: add k8s and docker as service to agent and update logic for ansible deploy

backend/internal/handlers/agent_deploy.go

@@ -29,22 +29,33 @@ func NewAgentDeployGroup(h *Handlers) *AgentDeployGroup {
 		grpcPort = "9001"
 	}
 
+	grpcHost := os.Getenv("GRPC_SERVER_HOST")
+	if grpcHost == "" {
+		grpcHost = "0.0.0.0"
+	}
+
 	backendURL := os.Getenv("BACKEND_URL")
 	if backendURL == "" {
 		backendURL = "http://localhost:8080"
 	}
 
+	giteaURL := os.Getenv("GITEA_RELEASES_URL")
+	if giteaURL == "" {
+		giteaURL = "https://gitea.d3m0k1d.ru/d3m0k1d/HellreigN/releases/latest/download"
+	}
+
 	exec := ansible.NewExecutor(ansible.ExecutorConfig{
 		WorkDir:        workDir,
-		GRPCServerHost: "0.0.0.0", // TODO: make configurable
+		GRPCServerHost: grpcHost,
 		GRPCServerPort: grpcPort,
 		BackendURL:     backendURL,
+		GiteaReleasesURL: giteaURL,
 	})
 
 	// Write playbooks on init
 	if err := exec.WriteAllPlaybooks(); err != nil {
-		// Log but don't fail - playbooks can be written later
-		_ = err
+		// Log the error - deployment will fail later if playbooks can't be written
+		fmt.Fprintf(os.Stderr, "WARNING: failed to write Ansible playbooks: %v\n", err)
 	}
 
 	return &AgentDeployGroup{
@@ -72,6 +83,48 @@ func (adg *AgentDeployGroup) DeployAgents(c *gin.Context) {
 		return
 	}
 
+	// Validate auth credentials for each server
+	for i, server := range req.Servers {
+		switch server.AuthMethod {
+		case repository.AuthMethodKey:
+			if server.SSHKey == "" {
+				c.JSON(http.StatusBadRequest, gin.H{
+					"error": fmt.Sprintf("server %d (%s): sshKey is required when authMethod is 'key'", i, server.IP),
+				})
+				return
+			}
+		case repository.AuthMethodPassword:
+			if server.Password == "" {
+				c.JSON(http.StatusBadRequest, gin.H{
+					"error": fmt.Sprintf("server %d (%s): password is required when authMethod is 'password'", i, server.IP),
+				})
+				return
+			}
+		default:
+			c.JSON(http.StatusBadRequest, gin.H{
+				"error": fmt.Sprintf("server %d (%s): invalid authMethod %q, expected 'key' or 'password'", i, server.IP, server.AuthMethod),
+			})
+			return
+		}
+	}
+
+	// Pre-flight check: verify community.docker collection is available for docker deployments
+	needsDockerCollection := false
+	for _, server := range req.Servers {
+		if server.DeployType == repository.DeployTypeDocker {
+			needsDockerCollection = true
+			break
+		}
+	}
+	if needsDockerCollection {
+		if err := adg.executor.CheckDockerCollection(); err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{
+				"error": fmt.Sprintf("Docker deployment requires 'community.docker' Ansible collection: %v", err),
+			})
+			return
+		}
+	}
+
 	// Create work directory
 	workDir := adg.executor.WorkDir()
 	if err := os.MkdirAll(workDir, 0755); err != nil {
@@ -123,6 +176,8 @@ func (adg *AgentDeployGroup) DeployAgents(c *gin.Context) {
 
 		inventoryPath := filepath.Join(workDir, fmt.Sprintf("inventory_%d_%d", timestamp, i))
 		if err := ansible.GenerateInventory(inventoryHosts, inventoryPath); err != nil {
+			// Rollback: delete the token we just created
+			_ = adg.Repo.DeleteRegistrationToken(token)
 			results = append(results, repository.DeployResult{
 				IP:         server.IP,
 				AgentLabel: server.AgentLabel,
@@ -136,10 +191,14 @@ func (adg *AgentDeployGroup) DeployAgents(c *gin.Context) {
 		// Run Ansible playbook for this server
 		deployResults, err := adg.executor.Deploy(ctx, inventoryPath, string(server.DeployType))
 
-		// Clean up inventory file
-		os.Remove(inventoryPath)
+		// Clean up inventory file (log error but don't fail deployment)
+		if cleanupErr := os.Remove(inventoryPath); cleanupErr != nil {
+			fmt.Fprintf(os.Stderr, "WARNING: failed to remove inventory file %s: %v\n", inventoryPath, cleanupErr)
+		}
 
 		if err != nil {
+			// Rollback: delete the token since deployment failed
+			_ = adg.Repo.DeleteRegistrationToken(token)
 			results = append(results, repository.DeployResult{
 				IP:         server.IP,
 				AgentLabel: server.AgentLabel,
@@ -155,6 +214,8 @@ func (adg *AgentDeployGroup) DeployAgents(c *gin.Context) {
 		if len(deployResults) > 0 && !deployResults[0].Success {
 			success = false
 			errMsg = deployResults[0].Stderr
+			// Rollback: delete the token since ansible playbook reported failure
+			_ = adg.Repo.DeleteRegistrationToken(token)
 		}
 
 		results = append(results, repository.DeployResult{