name: offline-release

on:
  workflow_dispatch:
    inputs:
      base_ref:
        description: "可选：用于 impact diff 的起始 ref，留空则默认 HEAD^"
        required: false
      include_infra:
        description: "是否同时打 infra bundle"
        required: false
        default: "false"

jobs:
  package-and-deploy:
    runs-on: build-host
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0

      - name: Resolve release refs
        shell: bash
        run: |
          set -euo pipefail
          APP_TAG="$(git rev-parse --short=12 HEAD)"
          BASE_REF="${{ inputs.base_ref }}"
          if [[ -z "${BASE_REF}" ]] && git rev-parse --verify --quiet HEAD^ >/dev/null; then
            BASE_REF="$(git rev-parse HEAD^)"
          fi
          {
            echo "APP_TAG=${APP_TAG}"
            echo "BASE_REF=${BASE_REF}"
          } >> "${GITHUB_ENV}"

      - name: Build release plan
        shell: bash
        run: |
          set -euo pipefail
          ./deploy/impact-rules.sh "${BASE_REF:-}" HEAD deploy/release-plan.env
          cat deploy/release-plan.env

      - name: Pack docker images
        shell: bash
        run: |
          set -euo pipefail
          source deploy/release-plan.env
          args=(--app-tag "${APP_TAG}")
          if [[ "${SMARTFLOW_BUILD_BACKEND}" != "1" ]]; then
            args+=(--skip-backend)
          fi
          if [[ "${SMARTFLOW_BUILD_FRONTEND}" != "1" ]]; then
            args+=(--skip-frontend)
          fi
          if [[ "${{ inputs.include_infra }}" == "true" ]]; then
            args+=(--include-infra)
          fi
          ./deploy/docker-pack.sh "${args[@]}"

      - name: Stage release directory
        shell: bash
        run: |
          set -euo pipefail
          ./deploy/stage-release.sh \
            --release-dir ".release/${APP_TAG}" \
            --plan-file "deploy/release-plan.env" \
            --bundle-dir ".docker-bundles"

      - name: Upload release bundle
        shell: bash
        env:
          SMARTFLOW_DEPLOY_HOST: ${{ secrets.SMARTFLOW_DEPLOY_HOST }}
          SMARTFLOW_DEPLOY_PORT: ${{ secrets.SMARTFLOW_DEPLOY_PORT }}
          SMARTFLOW_DEPLOY_USER: ${{ secrets.SMARTFLOW_DEPLOY_USER }}
          SMARTFLOW_DEPLOY_SSH_KEY: ${{ secrets.SMARTFLOW_DEPLOY_SSH_KEY }}
        run: |
          set -euo pipefail
          mkdir -p ~/.ssh
          printf '%s\n' "${SMARTFLOW_DEPLOY_SSH_KEY}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -p "${SMARTFLOW_DEPLOY_PORT:-22}" "${SMARTFLOW_DEPLOY_HOST}" >> ~/.ssh/known_hosts
          tar -C ".release/${APP_TAG}" -czf ".release/${APP_TAG}.tgz" .
          ssh -p "${SMARTFLOW_DEPLOY_PORT:-22}" "${SMARTFLOW_DEPLOY_USER}@${SMARTFLOW_DEPLOY_HOST}" "mkdir -p /srv/smartflow/releases/${APP_TAG}"
          scp -P "${SMARTFLOW_DEPLOY_PORT:-22}" ".release/${APP_TAG}.tgz" "${SMARTFLOW_DEPLOY_USER}@${SMARTFLOW_DEPLOY_HOST}:/srv/smartflow/releases/${APP_TAG}.tgz"
          ssh -p "${SMARTFLOW_DEPLOY_PORT:-22}" "${SMARTFLOW_DEPLOY_USER}@${SMARTFLOW_DEPLOY_HOST}" "rm -rf /srv/smartflow/releases/${APP_TAG}/* && tar -xzf /srv/smartflow/releases/${APP_TAG}.tgz -C /srv/smartflow/releases/${APP_TAG} && rm -f /srv/smartflow/releases/${APP_TAG}.tgz"

      - name: Trigger deploy
        shell: bash
        env:
          SMARTFLOW_DEPLOY_HOST: ${{ secrets.SMARTFLOW_DEPLOY_HOST }}
          SMARTFLOW_DEPLOY_PORT: ${{ secrets.SMARTFLOW_DEPLOY_PORT }}
          SMARTFLOW_DEPLOY_USER: ${{ secrets.SMARTFLOW_DEPLOY_USER }}
          SMARTFLOW_DEPLOY_SSH_KEY: ${{ secrets.SMARTFLOW_DEPLOY_SSH_KEY }}
        run: |
          set -euo pipefail
          mkdir -p ~/.ssh
          printf '%s\n' "${SMARTFLOW_DEPLOY_SSH_KEY}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519
          ssh-keyscan -p "${SMARTFLOW_DEPLOY_PORT:-22}" "${SMARTFLOW_DEPLOY_HOST}" >> ~/.ssh/known_hosts
          ssh -p "${SMARTFLOW_DEPLOY_PORT:-22}" "${SMARTFLOW_DEPLOY_USER}@${SMARTFLOW_DEPLOY_HOST}" "smartflow-release deploy ${APP_TAG}"