name: 'Auto Deploy Stage'
description: 'Stages a new deployment on the app server'
inputs:
  ssh_key:
    description: 'SSH Private Key'
    required: true
  host:
    description: 'Remote App Host'
    required: true
  port:
    description: 'Remote SSH Port'
    required: true
  user:
    description: 'Remote User'
    required: true
  harbor_user:
    description: 'Harbor Username'
    required: true
  harbor_secret:
    description: 'Harbor Secret'
    required: true
  harbor_host:
    description: 'Docker Registry Host'
    required: false
    default: 'harbor.hclife.co'
  image_tag:
    description: 'Image Tag to deploy'
    required: true
  app_key:
    description: 'Application Key'
    required: true
  auto_deploy_path:
    description: 'Path to auto-deploy repo on remote'
    required: true
  auto_deploy_branch:
    description: 'Branch to checkout in auto-deploy repo'
    required: false
    default: 'main'
runs:
  using: 'composite'
  steps:
    - name: SSH Deploy Stage
      shell: bash
      env:
        SSH_KEY: ${{ inputs.ssh_key }}
        DEPLOY_HOST: ${{ inputs.host }}
        DEPLOY_PORT: ${{ inputs.port }}
        DEPLOY_USER: ${{ inputs.user }}
        HARBOR_USER: ${{ inputs.harbor_user }}
        HARBOR_SECRET: ${{ inputs.harbor_secret }}
        HARBOR_HOST: ${{ inputs.harbor_host }}
        IMAGE_TAG: ${{ inputs.image_tag }}
        APP_KEY: ${{ inputs.app_key }}
        AUTO_DEPLOY_PATH: ${{ inputs.auto_deploy_path }}
        AUTO_DEPLOY_BRANCH: ${{ inputs.auto_deploy_branch }}
      run: |
        set -eu
        
        SSH_TMP_DIR="$(mktemp -d)"
        trap 'rm -rf "$SSH_TMP_DIR"' EXIT
        
        echo "$SSH_KEY" > "$SSH_TMP_DIR/id_rsa"
        chmod 600 "$SSH_TMP_DIR/id_rsa"
        ssh-keyscan -p "$DEPLOY_PORT" "$DEPLOY_HOST" > "$SSH_TMP_DIR/known_hosts"
        
        SSH_OPTS=(
          -i "$SSH_TMP_DIR/id_rsa"
          -o UserKnownHostsFile="$SSH_TMP_DIR/known_hosts"
          -o StrictHostKeyChecking=yes
          -p "$DEPLOY_PORT"
        )
        
        ssh "${SSH_OPTS[@]}" "$DEPLOY_USER@$DEPLOY_HOST" \
          "APP_KEY=$(printf '%q' "$APP_KEY") IMAGE_TAG=$(printf '%q' "$IMAGE_TAG") HARBOR_USER=$(printf '%q' "$HARBOR_USER") HARBOR_SECRET=$(printf '%q' "$HARBOR_SECRET") HARBOR_HOST=$(printf '%q' "$HARBOR_HOST") AUTO_DEPLOY_PATH=$(printf '%q' "$AUTO_DEPLOY_PATH") AUTO_DEPLOY_BRANCH=$(printf '%q' "$AUTO_DEPLOY_BRANCH") bash -se -c 'printf \"%s\" \"\$HARBOR_SECRET\" | sudo /usr/bin/docker login \"\$HARBOR_HOST\" -u \"\$HARBOR_USER\" --password-stdin; echo \"[remote] Harbor login succeeded\"; cd \"\$AUTO_DEPLOY_PATH\"; git checkout \"\$AUTO_DEPLOY_BRANCH\"; git pull --ff-only; git submodule sync --recursive; git submodule update --init --recursive; echo \"[remote] auto-deploy repo updated\"; ./common/deploy.sh deploy \"\$APP_KEY\" \"\$IMAGE_TAG\"; echo \"[remote] \$APP_KEY deploy staged with IMAGE_TAG=\$IMAGE_TAG\"; echo \"[remote] current deployment status:\"; ./common/deploy.sh status \"\$APP_KEY\" --format env'"