name: Release Docker Images

on:
  workflow_dispatch:
    inputs:
      build_id:
        description: 'Build ID (leave empty for latest successful build)'
        required: false
        type: string

jobs:
  release:
    runs-on: ubuntu-latest
    
    steps:
      - name: Checkout code
        uses: https://github.com/actions/checkout@v4

      - name: Setup Node.js
        uses: https://github.com/actions/setup-node@v4
        with:
          node-version: 20

      - name: Determine build ID
        id: build
        run: |
          BUILD_ID="${{ github.event.inputs.build_id }}"
          if [ -z "$BUILD_ID" ]; then
            echo "No build_id provided, will use latest from packages"
            # Fallback: you can implement logic to find latest build tag
            echo "ERROR: Please provide build_id for now"
            exit 1
          fi
          echo "build_id=$BUILD_ID" >> "$GITHUB_OUTPUT"
          echo "Using build_id: $BUILD_ID"

      - name: Log in to Gitea Container Registry
        run: |
          echo "${{ secrets.REGISTRY_TOKEN }}" | docker login code.bim-it.pl -u "${{ secrets.REGISTRY_USER }}" --password-stdin

      - name: Pull build artifacts (images)
        run: |
          docker pull code.bim-it.pl/mz/bimai-api:build-${{ steps.build.outputs.build_id }}
          docker pull code.bim-it.pl/mz/bimai-ui:build-${{ steps.build.outputs.build_id }}

      - name: Extract appsettings from images
        run: |
          mkdir -p artifacts/api artifacts/ui
          
          # Extract from API image
          docker create --name temp-api code.bim-it.pl/mz/bimai-api:build-${{ steps.build.outputs.build_id }}
          docker cp temp-api:/app/appsettings.Production.json artifacts/api/
          docker rm temp-api
          
          # Extract from UI image
          docker create --name temp-ui code.bim-it.pl/mz/bimai-ui:build-${{ steps.build.outputs.build_id }}
          docker cp temp-ui:/app/appsettings.Production.json artifacts/ui/
          docker rm temp-ui

      - name: Show extracted configs (before tokenization)
        run: |
          echo "::group::API appsettings.Production.json"
          cat artifacts/api/appsettings.Production.json
          echo "::endgroup::"
          echo "::group::UI appsettings.Production.json"
          cat artifacts/ui/appsettings.Production.json
          echo "::endgroup::"

      - name: Tokenize appsettings
        env:
          SECRETS: ${{ toJson(secrets) }}
          VARIABLES: ${{ toJson(vars) }}
          RUN_ID: ${{ steps.build.outputs.build_id }}
        run: |
          node .gitea/scripts/replaceTokens.js

      - name: Show tokenized configs (after tokenization)
        run: |
          echo "::group::API appsettings.Production.json (tokenized)"
          cat artifacts/api/appsettings.Production.json | sed 's/Password=[^;]*/Password=***/g'
          echo "::endgroup::"
          echo "::group::UI appsettings.Production.json (tokenized)"
          cat artifacts/ui/appsettings.Production.json
          echo "::endgroup::"

      - name: Rebuild images with tokenized configs
        run: |
          # API
          cat > Dockerfile.release.api <<'EOF'
          FROM code.bim-it.pl/mz/bimai-api:build-${{ steps.build.outputs.build_id }}
          COPY artifacts/api/appsettings.Production.json /app/
          EOF
          docker build -f Dockerfile.release.api \
            -t code.bim-it.pl/mz/bimai-api:prod \
            -t code.bim-it.pl/mz/bimai-api:release-${{ steps.build.outputs.build_id }} \
            .
          
          # UI
          cat > Dockerfile.release.ui <<'EOF'
          FROM code.bim-it.pl/mz/bimai-ui:build-${{ steps.build.outputs.build_id }}
          COPY artifacts/ui/appsettings.Production.json /app/
          EOF
          docker build -f Dockerfile.release.ui \
            -t code.bim-it.pl/mz/bimai-ui:prod \
            -t code.bim-it.pl/mz/bimai-ui:release-${{ steps.build.outputs.build_id }} \
            .

      - name: Push final images
        run: |
          docker push code.bim-it.pl/mz/bimai-api:prod
          docker push code.bim-it.pl/mz/bimai-api:release-${{ steps.build.outputs.build_id }}
          docker push code.bim-it.pl/mz/bimai-ui:prod
          docker push code.bim-it.pl/mz/bimai-ui:release-${{ steps.build.outputs.build_id }}

      - name: Output release info
        run: |
          echo "##  Docker Images Released" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "**Build ID:** ${{ steps.build.outputs.build_id }}" >> $GITHUB_STEP_SUMMARY
          echo "**Release ID:** ${{ github.run_id }}" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "### Pull commands:" >> $GITHUB_STEP_SUMMARY
          echo '```bash' >> $GITHUB_STEP_SUMMARY
          echo "# Production (latest)" >> $GITHUB_STEP_SUMMARY
          echo "docker pull code.bim-it.pl/mz/bimai-api:prod" >> $GITHUB_STEP_SUMMARY
          echo "docker pull code.bim-it.pl/mz/bimai-ui:prod" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "# Specific release" >> $GITHUB_STEP_SUMMARY
          echo "docker pull code.bim-it.pl/mz/bimai-api:release-${{ steps.build.outputs.build_id }}" >> $GITHUB_STEP_SUMMARY
          echo "docker pull code.bim-it.pl/mz/bimai-ui:release-${{ steps.build.outputs.build_id }}" >> $GITHUB_STEP_SUMMARY
          echo '```' >> $GITHUB_STEP_SUMMARY