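# FleetDM Stack - Gitea Actions
# CI: lint on every push (skips docs-only changes)
# Semantic Release: auto-bump version on push to main/master
#   - merge from feature/* branch → major bump
#   - any other commit (fix, chore, etc.) → patch bump
# Release: package Helm chart and publish to Gitea Releases
#
# Hardening conventions used in this file:
#   - `${{ ... }}` values are passed to scripts through step-level `env:`,
#     never expanded into the script text. The script then handles them as
#     data, and the token is only visible to the steps that declare it.
#   - After a clone that needs credentials, the origin URL is rewritten so
#     the token is not left in .git/config for later steps.

name: Helm Chart CI & Release

on:
  push:
    branches:
      - main
      - master
    paths-ignore:
      - 'docs/**'
      - 'README.md'
      - 'STATUS.md'
      - 'AGENTS.md'
      - 'TASKS.md'
      - '.gitignore'
      - 'djinni-*/**'
  pull_request:
    branches:
      - main
      - master

jobs:
  lint:
    name: Lint Helm Chart
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        env:
          ACTOR: ${{ gitea.actor }}
          TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          SHA: ${{ gitea.sha }}
        # NOTE(review): a --depth=1 clone only contains the tip of the default
        # branch; confirm that SHA is always reachable for pull_request runs.
        run: |
          git clone --depth=1 "https://${ACTOR}:${TOKEN}@git.produktor.io/${REPO}.git" .
          git checkout "${SHA}"
          # Drop the credentials from the stored remote URL before later
          # steps run downloaded code in this workspace.
          git remote set-url origin "https://git.produktor.io/${REPO}.git"

      - name: Install Helm
        # NOTE(review): the installer is fetched from the moving `main` branch
        # and piped straight into bash with no pin or checksum. Consider
        # pinning to a reviewed release/commit and verifying the download.
        run: |
          curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
          helm version

      - name: Lint chart
        run: |
          helm dependency update fleetdm-stack/
          helm lint fleetdm-stack/
          helm template fleetdm-stack fleetdm-stack/ --namespace fleetdm > /dev/null

  semantic-release:
    name: Semantic Release
    runs-on: ubuntu-latest
    needs: lint
    if: gitea.event_name == 'push'
    permissions:
      contents: write
    steps:
      - name: Checkout (full history for tags)
        env:
          ACTOR: ${{ gitea.actor }}
          TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
        # This clones the default branch HEAD, not gitea.sha; the release tag
        # created later points at whatever commit this clone checked out.
        run: |
          git clone "https://${ACTOR}:${TOKEN}@git.produktor.io/${REPO}.git" .
          git fetch --tags
          # Credentials are no longer needed on origin; the tag push below
          # passes its own URL.
          git remote set-url origin "https://git.produktor.io/${REPO}.git"

      - name: Determine version bump
        id: version
        env:
          SHA: ${{ gitea.sha }}
        run: |
          LATEST_TAG=$(git tag -l 'v*' --sort=-v:refname | head -1)
          if [ -z "$LATEST_TAG" ]; then
            LATEST_TAG="v0.0.0"
          fi
          echo "Latest tag: $LATEST_TAG"

          VER="${LATEST_TAG#v}"
          # The tag name ends up in shell arithmetic, a sed expression, image
          # tags and a JSON body further down. Fail closed unless it is
          # strictly MAJOR.MINOR.PATCH made of digits.
          if ! printf '%s\n' "$VER" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+$'; then
            echo "Latest tag '$LATEST_TAG' is not vMAJOR.MINOR.PATCH; refusing to compute a bump" >&2
            exit 1
          fi
          MAJOR=$(echo "$VER" | cut -d. -f1)
          MINOR=$(echo "$VER" | cut -d. -f2)
          PATCH=$(echo "$VER" | cut -d. -f3)

          # The bump type is derived from the commit subject, which the
          # committer controls; treat it as a convention, not a control.
          COMMIT_MSG=$(git log -1 --format='%s' "$SHA")
          echo "Commit message: $COMMIT_MSG"

          IS_FEATURE="false"
          if echo "$COMMIT_MSG" | grep -qiE "^Merge.*feature/"; then
            IS_FEATURE="true"
          fi

          # A commit with more than one parent is a merge; look for a
          # feature/ branch name in its subject.
          if git log -1 --format='%P' "$SHA" | grep -q ' '; then
            MERGE_BRANCH=$(git log -1 --format='%s' "$SHA" | grep -oE "feature/[^ '\"]*" || true)
            if [ -n "$MERGE_BRANCH" ]; then
              IS_FEATURE="true"
            fi
          fi

          if [ "$IS_FEATURE" = "true" ]; then
            MAJOR=$((MAJOR + 1))
            MINOR=0
            PATCH=0
            BUMP="major"
          else
            PATCH=$((PATCH + 1))
            BUMP="patch"
          fi

          NEW_VER="${MAJOR}.${MINOR}.${PATCH}"
          echo "Bump: $BUMP → v${NEW_VER}"
          echo "new_version=${NEW_VER}" >> "$GITHUB_OUTPUT"
          echo "new_tag=v${NEW_VER}" >> "$GITHUB_OUTPUT"
          echo "bump_type=${BUMP}" >> "$GITHUB_OUTPUT"

      - name: Install Helm
        # NOTE(review): same unpinned `curl | bash` installer as in the lint
        # job, but this job goes on to push images, tags and releases.
        # Pinning and verifying the installer matters most here.
        run: |
          curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash

      - name: Update Chart.yaml version
        env:
          NEW_VERSION: ${{ steps.version.outputs.new_version }}
        # The edit is made in the workspace only (it is not committed), so it
        # affects the packaged chart but not the tagged tree.
        run: |
          sed -i "s/^version: .*/version: ${NEW_VERSION}/" fleetdm-stack/Chart.yaml
          echo "Chart.yaml version set to ${NEW_VERSION}"
          grep '^version:' fleetdm-stack/Chart.yaml

      - name: Package chart
        run: |
          helm dependency update fleetdm-stack/
          helm package fleetdm-stack/
          mkdir -p .tmp
          mv fleetdm-stack-*.tgz .tmp/
          ls -la .tmp/

      - name: Mirror FleetDM image to Gitea registry
        env:
          ACTOR: ${{ gitea.actor }}
          TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          NEW_TAG: ${{ steps.version.outputs.new_tag }}
        # NOTE(review): the upstream image is pulled by mutable tag and
        # re-published (including as `latest`) with no digest check. Consider
        # resolving and recording the digest, or pinning `SRC` by digest.
        # `docker login` also leaves the token in the runner's docker config;
        # confirm runners are ephemeral or log out afterwards.
        run: |
          APP_VER=$(grep '^appVersion:' fleetdm-stack/Chart.yaml | awk '{print $2}' | tr -d '"')
          CHART_TAG="${NEW_TAG}"
          SRC="fleetdm/fleet:v${APP_VER}"
          DST="git.produktor.io/${REPO}/fleet"

          echo "${TOKEN}" | docker login git.produktor.io -u "${ACTOR}" --password-stdin

          docker pull "${SRC}"
          docker tag "${SRC}" "${DST}:${APP_VER}"
          docker tag "${SRC}" "${DST}:${CHART_TAG}"
          docker tag "${SRC}" "${DST}:latest"
          docker push "${DST}:${APP_VER}"
          docker push "${DST}:${CHART_TAG}"
          docker push "${DST}:latest"
          echo "Mirrored ${SRC} → ${DST}:{${APP_VER},${CHART_TAG},latest}"

      - name: Create tag
        env:
          ACTOR: ${{ gitea.actor }}
          TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          NEW_TAG: ${{ steps.version.outputs.new_tag }}
          BUMP_TYPE: ${{ steps.version.outputs.bump_type }}
        run: |
          git config user.name "Gitea Actions"
          git config user.email "actions@git.produktor.io"
          git tag -a "${NEW_TAG}" -m "Release ${NEW_TAG} (${BUMP_TYPE})"
          # Credentials are passed for this one push only and are not written
          # to .git/config.
          git push "https://${ACTOR}:${TOKEN}@git.produktor.io/${REPO}.git" "${NEW_TAG}"

      - name: Create Gitea Release
        env:
          TOKEN: ${{ gitea.token }}
          REPO: ${{ gitea.repository }}
          TAG: ${{ steps.version.outputs.new_tag }}
          BUMP: ${{ steps.version.outputs.bump_type }}
        run: |
          API="https://git.produktor.io/api/v1/repos/${REPO}/releases"

          # TAG and BUMP are spliced into the JSON body as plain text. This is
          # only safe because the version step restricts them to digits, dots
          # and the fixed words major/patch.
          RELEASE=$(curl -sf -X POST "$API" \
            -H "Authorization: token $TOKEN" \
            -H "Content-Type: application/json" \
            -d "{\"tag_name\":\"$TAG\",\"name\":\"FleetDM Stack $TAG\",\"body\":\"**${BUMP}** release — \`${TAG}\`\n\nHelm chart for FleetDM Server with MySQL and Redis.\"}")

          RELEASE_ID=$(echo "$RELEASE" | grep -o '"id":[0-9]*' | head -1 | cut -d: -f2)
          # Without an id the upload URL below would be malformed; stop
          # instead of posting assets to an unintended endpoint.
          if [ -z "$RELEASE_ID" ]; then
            echo "Could not parse a release id from the API response" >&2
            exit 1
          fi
          echo "Created release ID: $RELEASE_ID"

          for f in .tmp/*.tgz; do
            FNAME=$(basename "$f")
            curl -sf -X POST "$API/$RELEASE_ID/assets?name=$FNAME" \
              -H "Authorization: token $TOKEN" \
              -H "Content-Type: application/octet-stream" \
              --data-binary "@$f"
            echo "Uploaded: $FNAME"
          done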