name: Deploy momo-erp

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Install sshpass
        run: |
          apt-get update -qq && apt-get install -y -qq sshpass openssh-client || \
          sudo apt-get update -qq && sudo apt-get install -y -qq sshpass openssh-client

      - name: Deploy via SSH (password auth)
        run: |
          set +e   # 배포 단계 실패해도 워크플로우 성공 처리 (실제 결과는 헬스체크가 판단)
          export SSHPASS='qlalfqjsgh11'
          mkdir -p ~/.ssh
          ssh-keyscan -H 183.99.177.40 >> ~/.ssh/known_hosts 2>/dev/null || true

          sshpass -e ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null \
            chpark@183.99.177.40 'bash -s' <<'REMOTE_SCRIPT'
          set +e
          DEPLOY_DIR="$HOME/momo-erp/source"
          mkdir -p "$HOME/momo-erp"

          if [ -d "$DEPLOY_DIR/.git" ]; then
            cd "$DEPLOY_DIR"
            git fetch origin
            git reset --hard origin/main
          else
            git clone https://git.junggomoa.com/chpark/distribution_erp.git "$DEPLOY_DIR"
            cd "$DEPLOY_DIR"
          fi

          # .env.production 갱신 (SMTP/MOMO 포함)
          cat > .env.production <<'ENVEOF'
          DATABASE_URL=postgresql://momo_app:qlalfqjsgh11@183.99.177.40:5432/distribution
          NEXTAUTH_URL=https://momotogether.com
          NEXTAUTH_SECRET=2b1f94cca798f49ff62822b01617503b019d118df9d249ee61f835a7dca1946e
          NEXT_PUBLIC_APP_NAME=유통관리 ERP
          NEXT_PUBLIC_COMPANY_NAME=모모유통
          MASTER_PWD=qlalfqjsgh11
          AES_KEY=ILJIAESSECRETKEY
          FILE_STORAGE_PATH=/data_storage
          LOG_LEVEL=info
          SMTP_HOST=mail.coa-soft.com
          SMTP_PORT=465
          SMTP_USER=chpark@coa-soft.com
          SMTP_PASS=1321Qkrckd!!!!!!
          SMTP_FROM=모모유통 <chpark@coa-soft.com>
          MOMO_BANK_ACCOUNT=기업은행 434-115361-01-016
          MOMO_PHONE=010-6624-5315
          DEPLOY_WEBHOOK_TOKEN=momo-deploy-2026-secure
          ENVEOF

          docker compose -f docker-compose.prod.yml up -d --build

          # 마이그레이션 (idempotent) — 컨테이너 안에 db/migrations + scripts/migrate-momo.mjs 가
          # standalone 번들에 포함되어 있어야 동작 (next.config.ts outputFileTracingIncludes).
          # 컨테이너 시도 후 실패하면 호스트 측 docker run 으로 폴백 (소스 마운트 사용).
          if docker compose -f docker-compose.prod.yml exec -T momo-erp node scripts/migrate-momo.mjs 2>&1; then
            echo "✔ 마이그레이션 컨테이너 실행 성공"
          else
            echo "::warning::컨테이너 마이그레이션 실패 — 호스트에서 임시 컨테이너로 재시도"
            docker run --rm \
              --network host \
              -v "$DEPLOY_DIR":/work \
              -w /work \
              --env-file "$DEPLOY_DIR/.env.production" \
              node:20-alpine sh -c "npm i pg --no-save --silent && node scripts/migrate-momo.mjs" \
              || echo "::error::마이그레이션 모두 실패 — 수동 실행 필요"
          fi

          docker compose -f docker-compose.prod.yml ps
          echo "✔ 배포 완료"
          REMOTE_SCRIPT

      - name: Healthcheck (실제 배포 성공 판정)
        run: |
          for i in 1 2 3 4 5 6 7 8 9 10; do
            sleep 10
            CODE=$(curl -s -o /tmp/p.html -w "%{http_code}" -L https://momotogether.com/ || echo 000)
            HAS_NEW=$(grep -q "WORKFLOW\|매입 발주\|SCREEN PREVIEW" /tmp/p.html && echo yes || echo no)
            echo "  ${i}/10: HTTP $CODE / 신버전=$HAS_NEW"
            if [ "$CODE" = "200" ] && [ "$HAS_NEW" = "yes" ]; then
              echo "::notice::✔ 운영 정상 + 신버전 코드 확인"
              exit 0
            fi
          done
          echo "::error::헬스체크 실패: 신버전 코드가 운영에 반영되지 않음"
          exit 1