name: 构建并部署 Spring Boot 应用
on: [push]

jobs:
  build-and-deploy:
    container:
      image: maven:3.8.6-openjdk-17
      options: --pull=always
      
    runs-on: ubuntu-latest  # 使用更稳定的标签
    
    steps:
      - name: 检出代码
        uses: actions/checkout@v4

      - name: 缓存 Maven 依赖
        uses: actions/cache@v3
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}

      - name: 使用 Maven 打包
        run: mvn clean package -DskipTests

      - name: 验证构建结果
        run: ls -la target/*.jar

      - name: 构建 Docker 镜像
        run: docker build -t light-delivery-app:latest .

      - name: 部署到服务器
        env:
          SSH_PRIVATE_KEY: ${{ secrets.SSH_PRIVATE_KEY }}
          SERVER_IP: ${{ secrets.SERVER_IP }}
        run: |
          mkdir -p ~/.ssh
          echo "$SSH_PRIVATE_KEY" > ~/.ssh/deploy_key
          chmod 600 ~/.ssh/deploy_key
          ssh-keyscan $SERVER_IP >> ~/.ssh/known_hosts
          
          ssh -i ~/.ssh/deploy_key root@$SERVER_IP '
            docker stop light-delivery-container || true
            docker rm light-delivery-container || true
            docker run -d \
              --name light-delivery-container \
              -p 443:443 -p 80:80 \
              -v /etc/ssl/certs:/etc/ssl/certs:ro \
              -e KEY_STORE_PASSWORD="$(cat /etc/ssl/certs/keyStorePass.txt)" \
              light-delivery-app:latest
          '