name: Deploy NestJS API
on: [push]

jobs:
  build-and-push-deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Login no Harbor
        run: |
          echo "${{ secrets.HARBOR_PASSWORD }}" | docker login 172.35.0.216 -u ${{ secrets.HARBOR_USERNAME }} --password-stdin

      - name: Build e Push
        run: |
          # Tag imutável para Rollback (SHA do Git)
          TAG=${{ gitea.sha }}
          docker build -t 172.35.0.216/library/api-teste:$TAG .
          docker tag 172.35.0.216/library/api-teste:$TAG 172.35.0.216/library/api-teste:latest
          
          docker push 172.35.0.216/library/api-teste:$TAG
          docker push 172.35.0.216/library/api-teste:latest

      - name: Deploy Automático via SSH
        uses: https://github.com/appleboy/ssh-action@master
        with:
          host: 172.35.0.216
          username: root
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          script: |
            docker service update \
              --image 172.35.0.216/library/api-teste:latest \
              --with-registry-auth \
              api_teste_service || \
            docker service create \
              --name api_teste_service \
              --publish 3001:3000 \
              --with-registry-auth \
              172.35.0.216/library/api-teste:latest