name: Build and Deploy

on:
  push:
    branches: [master]

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest
    env:
      RUNNER_TOOL_CACHE: /toolcache
    steps:
      - name: Checkout
        uses: actions/checkout@v3
        with:
          submodules: false  # Don't fetch submodules yet
          fetch-depth: 0

      # Setup Go for the go-hashfiles action
      - uses: actions/setup-go@v3
        with:
          go-version: '1.20'

      # Generate hash for submodules
      - uses: actions/go-hashfiles@v0.0.1
        id: submodules-hash
        with:
          patterns: .gitmodules

      # Cache the submodule content
      - name: Cache submodules
        id: cache-submodules
        uses: actions/cache@v3
        with:
          path: |
            .git/modules
            themes/blowfish
          key: ${{ runner.os }}-submodules-${{ steps.submodules-hash.outputs.hash }}
          restore-keys: |
            ${{ runner.os }}-submodules-

      # Initialize submodules if cache miss
      - name: Initialize submodules
        if: steps.cache-submodules.outputs.cache-hit != 'true'
        run: git submodule update --init --recursive

      # Generate hash for Hugo dependencies
      - uses: actions/go-hashfiles@v0.0.1
        id: hugo-deps-hash
        with:
          patterns: '**/go.sum'

      # Cache Hugo dependencies and modules
      - name: Cache Hugo dependencies
        uses: actions/cache@v3
        with:
          path: /tmp/hugo_cache
          key: ${{ runner.os }}-hugo-${{ steps.hugo-deps-hash.outputs.hash }}
          restore-keys: |
            ${{ runner.os }}-hugo-

      - name: Setup Hugo
        uses: peaceiris/actions-hugo@v2
        with:
          hugo-version: "latest"
          extended: true

      # Generate hash for Hugo resources
      - uses: actions/go-hashfiles@v0.0.1
        id: hugo-resources-hash
        with:
          patterns: |-
            content/**
            layouts/**
            static/**
            themes/**
            config/**

      # Cache resources but not public to prevent infinite loops
      - name: Cache Hugo resources
        uses: actions/cache@v3
        with:
          path: resources/_gen
          key: ${{ runner.os }}-hugo-resources-${{ steps.hugo-resources-hash.outputs.hash }}
          restore-keys: |
            ${{ runner.os }}-hugo-resources-

      - name: Build
        run: hugo --minify --buildFuture

      # Generate hash for apt cache
      - uses: actions/go-hashfiles@v0.0.1
        id: apt-hash
        with:
          patterns: '**/deploy.yml'

      # Cache apt packages
      - name: Cache apt packages
        uses: actions/cache@v3
        with:
          path: /var/cache/apt/archives
          key: ${{ runner.os }}-apt-${{ steps.apt-hash.outputs.hash }}
          restore-keys: |
            ${{ runner.os }}-apt-

      - name: Install rsync
        run: sudo apt-get update && sudo apt-get install -y rsync

      - name: Install SSH Key
        uses: shimataro/ssh-key-action@v2
        with:
          key: ${{ secrets.SSH_PRIVATE_KEY }}
          known_hosts: unnecessary
          if_key_exists: replace

      - name: Adding Known Hosts
        run: ssh-keyscan -p ${{ secrets.SERVER_PORT }} -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts

      - name: Deploy with rsync
        run: |
          rsync -avz --delete -e "ssh -p ${{ secrets.SERVER_PORT }}" \
            ./public ./botPolicy.yaml ./nginx.conf ./docker-compose.prod.yml \
            ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:${{ secrets.DEPLOY_PATH }}

      - name: Restart Docker container
        run: |
          ssh -p ${{ secrets.SERVER_PORT }} ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} \
            "cd ${{ secrets.DEPLOY_PATH }} && sudo docker compose -f docker-compose.prod.yml up -d --build"