# Деплой на сервер по SSH после пуша тега v* или вручную (в т.ч. откат на старый тег).
name: Deploy

on:
  push:
    tags:
      - "v*"
  workflow_dispatch:
    inputs:
      ref:
        description: "Git ref (тег для релиза или отката, напр. v1.5.0 или v1.4.1)"
        required: true
        default: "main"

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - name: Определить ревизию
        id: pick
        run: |
          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
            echo "ref=${{ inputs.ref }}" >> "$GITHUB_OUTPUT"
          else
            echo "ref=${{ github.ref_name }}" >> "$GITHUB_OUTPUT"
          fi

      - name: SSH — fetch, checkout, docker compose
        uses: appleboy/ssh-action@v1.2.0
        with:
          host: ${{ secrets.DEPLOY_HOST }}
          username: ${{ secrets.DEPLOY_USER }}
          key: ${{ secrets.DEPLOY_SSH_KEY }}
          script_stop: true
          command_timeout: 20m
          script: |
            set -euo pipefail
            cd "${{ secrets.DEPLOY_PATH }}"
            git fetch origin --tags --prune
            git checkout "${{ steps.pick.outputs.ref }}"
            if git show-ref --verify --quiet "refs/remotes/origin/${{ steps.pick.outputs.ref }}"; then
              git reset --hard "origin/${{ steps.pick.outputs.ref }}"
            else
              git reset --hard "${{ steps.pick.outputs.ref }}"
            fi
            docker compose build
            docker compose up -d
            docker compose ps