cannaiq/.woodpecker.yml

steps:
  # ===========================================
  # PR VALIDATION: Parallel type checks (PRs only)
  # ===========================================
  typecheck-backend:
    image: mirror.gcr.io/library/node:22
    commands:
      - cd backend
      - npm ci --prefer-offline
      - npx tsc --noEmit
    depends_on: []
    when:
      event: pull_request

  typecheck-cannaiq:
    image: mirror.gcr.io/library/node:22
    commands:
      - cd cannaiq
      - npm ci --prefer-offline
      - npx tsc --noEmit
    depends_on: []
    when:
      event: pull_request

  typecheck-findadispo:
    image: mirror.gcr.io/library/node:22
    commands:
      - cd findadispo/frontend
      - npm ci --prefer-offline
      - npx tsc --noEmit 2>/dev/null || true
    depends_on: []
    when:
      event: pull_request

  typecheck-findagram:
    image: mirror.gcr.io/library/node:22
    commands:
      - cd findagram/frontend
      - npm ci --prefer-offline
      - npx tsc --noEmit 2>/dev/null || true
    depends_on: []
    when:
      event: pull_request

  # ===========================================
  # AUTO-MERGE: Merge PR after all checks pass
  # ===========================================
  auto-merge:
    image: mirror.gcr.io/library/alpine:latest
    environment:
      GITEA_TOKEN:
        from_secret: gitea_token
    commands:
      - apk add --no-cache curl
      - |
        echo "Merging PR #${CI_COMMIT_PULL_REQUEST}..."
        curl -s -X POST \
          -H "Authorization: token $GITEA_TOKEN" \
          -H "Content-Type: application/json" \
          -d '{"Do":"merge"}' \
          "https://git.spdy.io/api/v1/repos/Creationshop/cannaiq/pulls/${CI_COMMIT_PULL_REQUEST}/merge"
    depends_on:
      - typecheck-backend
      - typecheck-cannaiq
      - typecheck-findadispo
      - typecheck-findagram
    when:
      event: pull_request

  # ===========================================
  # MASTER DEPLOY: Parallel Docker builds (Kaniko - no Docker daemon)
  # ===========================================
  docker-backend:
    image: gcr.io/kaniko-project/executor:debug
    environment:
      REGISTRY_USER:
        from_secret: registry_username
      REGISTRY_PASS:
        from_secret: registry_password
    commands:
      - echo "{\"auths\":{\"git.spdy.io\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json
      - /kaniko/executor
        --context=backend
        --dockerfile=backend/Dockerfile
        --destination=git.spdy.io/creationshop/cannaiq:latest
        --destination=git.spdy.io/creationshop/cannaiq:sha-${CI_COMMIT_SHA:0:8}
        --build-arg=APP_BUILD_VERSION=sha-${CI_COMMIT_SHA:0:8}
        --build-arg=APP_GIT_SHA=${CI_COMMIT_SHA}
        --build-arg=APP_BUILD_TIME=${CI_PIPELINE_CREATED}
        --build-arg=CONTAINER_IMAGE_TAG=sha-${CI_COMMIT_SHA:0:8}
        --cache=true
    depends_on: []
    when:
      branch: [master, develop]
      event: push

  docker-cannaiq:
    image: gcr.io/kaniko-project/executor:debug
    environment:
      REGISTRY_USER:
        from_secret: registry_username
      REGISTRY_PASS:
        from_secret: registry_password
    commands:
      - echo "{\"auths\":{\"git.spdy.io\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json
      - /kaniko/executor
        --context=cannaiq
        --dockerfile=cannaiq/Dockerfile
        --destination=git.spdy.io/creationshop/cannaiq-frontend:latest
        --destination=git.spdy.io/creationshop/cannaiq-frontend:sha-${CI_COMMIT_SHA:0:8}
        --cache=true
    depends_on: []
    when:
      branch: [master, develop]
      event: push

  docker-findadispo:
    image: gcr.io/kaniko-project/executor:debug
    environment:
      REGISTRY_USER:
        from_secret: registry_username
      REGISTRY_PASS:
        from_secret: registry_password
    commands:
      - echo "{\"auths\":{\"git.spdy.io\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json
      - /kaniko/executor
        --context=findadispo/frontend
        --dockerfile=findadispo/frontend/Dockerfile
        --destination=git.spdy.io/creationshop/findadispo-frontend:latest
        --destination=git.spdy.io/creationshop/findadispo-frontend:sha-${CI_COMMIT_SHA:0:8}
        --cache=true
    depends_on: []
    when:
      branch: [master, develop]
      event: push

  docker-findagram:
    image: gcr.io/kaniko-project/executor:debug
    environment:
      REGISTRY_USER:
        from_secret: registry_username
      REGISTRY_PASS:
        from_secret: registry_password
    commands:
      - echo "{\"auths\":{\"git.spdy.io\":{\"username\":\"$REGISTRY_USER\",\"password\":\"$REGISTRY_PASS\"}}}" > /kaniko/.docker/config.json
      - /kaniko/executor
        --context=findagram/frontend
        --dockerfile=findagram/frontend/Dockerfile
        --destination=git.spdy.io/creationshop/findagram-frontend:latest
        --destination=git.spdy.io/creationshop/findagram-frontend:sha-${CI_COMMIT_SHA:0:8}
        --cache=true
    depends_on: []
    when:
      branch: [master, develop]
      event: push

  # ===========================================
  # STAGE 3: Deploy and Run Migrations
  # ===========================================
  deploy:
    image: mirror.gcr.io/bitnami/kubectl:latest
    environment:
      KUBECONFIG_CONTENT:
        from_secret: kubeconfig_data
    commands:
      - mkdir -p ~/.kube
      - echo "$KUBECONFIG_CONTENT" | tr -d '[:space:]' | base64 -d > ~/.kube/config
      - chmod 600 ~/.kube/config
      # Deploy backend first
      - kubectl set image deployment/scraper scraper=git.spdy.io/creationshop/cannaiq:sha-${CI_COMMIT_SHA:0:8} -n cannaiq
      - kubectl rollout status deployment/scraper -n cannaiq --timeout=300s
      # Note: Migrations run automatically at startup via auto-migrate
      # Deploy remaining services
      # Resilience: ensure workers are scaled up if at 0
      - REPLICAS=$(kubectl get deployment scraper-worker -n cannaiq -o jsonpath='{.spec.replicas}'); if [ "$REPLICAS" = "0" ]; then echo "Scaling workers from 0 to 5"; kubectl scale deployment/scraper-worker --replicas=5 -n cannaiq; fi
      - kubectl set image deployment/scraper-worker worker=git.spdy.io/creationshop/cannaiq:sha-${CI_COMMIT_SHA:0:8} -n cannaiq
      - kubectl set image deployment/cannaiq-frontend cannaiq-frontend=git.spdy.io/creationshop/cannaiq-frontend:sha-${CI_COMMIT_SHA:0:8} -n cannaiq
      - kubectl set image deployment/findadispo-frontend findadispo-frontend=git.spdy.io/creationshop/findadispo-frontend:sha-${CI_COMMIT_SHA:0:8} -n cannaiq
      - kubectl set image deployment/findagram-frontend findagram-frontend=git.spdy.io/creationshop/findagram-frontend:sha-${CI_COMMIT_SHA:0:8} -n cannaiq
      - kubectl rollout status deployment/cannaiq-frontend -n cannaiq --timeout=120s
    depends_on:
      - docker-backend
      - docker-cannaiq
      - docker-findadispo
      - docker-findagram
    when:
      branch: [master, develop]
      event: push