stages:
  - publish
  - deploy

variables:
  REGISTRY: registry.gitlab.com/$CI_PROJECT_PATH

.deploy_setup: &deploy_setup
  image: alpine:latest
  before_script:
    - apk add --no-cache openssh-client
    - eval $(ssh-agent -s)
    - echo "$VPS_SSH_KEY" | ssh-add -
    - mkdir -p ~/.ssh
    - echo "$VPS_HOST_KEY" >> ~/.ssh/known_hosts

publish:
  stage: publish
  image: docker:27
  services:
    - docker:27-dind
  variables:
    DOCKER_TLS_CERTDIR: ""
  before_script:
    - echo "$CI_REGISTRY_PASSWORD" | docker login $CI_REGISTRY -u $CI_REGISTRY_USER --password-stdin
  script:
    - docker build -t $REGISTRY:${CI_COMMIT_SHORT_SHA} -t $REGISTRY:latest .
    - docker push $REGISTRY:${CI_COMMIT_SHORT_SHA}
    - docker push $REGISTRY:latest
  rules:
    - if: $CI_COMMIT_BRANCH == "main"

deploy:
  <<: *deploy_setup
  stage: deploy
  needs: [publish]
  rules:
    - if: $CI_COMMIT_BRANCH == "main"
  script:
    - |
      ssh $VPS_USER@$VPS_HOST << ENDSSH
        set -e
        echo "$CI_REGISTRY_PASSWORD" | docker login registry.gitlab.com -u "$CI_REGISTRY_USER" --password-stdin
        cd /opt/services
        docker compose -f docker-compose.yml -f docker-compose.prod.yml pull audio-foreign
        docker compose -f docker-compose.yml -f docker-compose.prod.yml up -d audio-foreign
        docker image prune -af
      ENDSSH