pipeline {
    agent {
        kubernetes {
            yaml """
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: node
    image: node:18-slim
    command:
    - sleep
    args:
    - infinity
  - name: docker
    image: docker:dind
    securityContext:
      privileged: true
    env:
    - name: DOCKER_TLS_CERTDIR
      value: ""
  - name: tools
    image: alpine/git
    command:
    - sleep
    args:
    - infinity
"""
        }
    }

    environment {
        APP_NAME        = 'tictactoe'
        HARBOR_REGISTRY = 'harbor.fireflylab.local'
        HARBOR_PROJECT  = 'library'
        IMAGE           = "${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${APP_NAME}"
        DOCKER_HOST     = 'tcp://localhost:2375'
        CHART_FILE      = 'manifest/helm/Chart.yaml'
        VALUES_FILE     = 'manifest/helm/values.yaml'
    }

    stages {
        stage('Checkout') {
            steps {
                checkout scm
            }
        }

        stage('Install & Test') {
            steps {
                container('node') {
                    sh 'npm install'
                    sh 'npm test'
                }
            }
        }

        stage('Build & Push Image') {
            steps {
                container('docker') {
                    withCredentials([usernamePassword(
                        credentialsId: 'harbor-credentials',
                        usernameVariable: 'HARBOR_USER',
                        passwordVariable: 'HARBOR_PASS'
                    )]) {
                        sh """
                            docker login ${HARBOR_REGISTRY} -u \${HARBOR_USER} -p \${HARBOR_PASS}
                            docker build -t ${IMAGE}:${BUILD_NUMBER} .
                            docker push ${IMAGE}:${BUILD_NUMBER}
                        """
                    }
                }
            }
        }

        stage('Bump Helm Chart') {
            steps {
                container('tools') {
                    script {
                        def content = readFile(CHART_FILE)
                        def matcher = content =~ /version:\s+(\d+)\.(\d+)\.(\d+)/
                        def newVersion = "${matcher[0][1]}.${matcher[0][2]}.${matcher[0][3].toInteger() + 1}"
                        sh "sed -i 's/^version: .*/version: ${newVersion}/' ${CHART_FILE}"
                        sh "sed -i 's/^appVersion: .*/appVersion: \"${BUILD_NUMBER}\"/' ${CHART_FILE}"
                        sh "sed -i 's/^  tag: .*/  tag: ${BUILD_NUMBER}/' ${VALUES_FILE}"
                    }
                }
            }
        }

        stage('Commit & Push') {
            steps {
                container('tools') {
                    withCredentials([usernamePassword(
                        credentialsId: 'gitea-credentials',
                        usernameVariable: 'GIT_USER',
                        passwordVariable: 'GIT_PASS'
                    )]) {
                        sh """
                            git config user.email "jenkins@fireflylab.local"
                            git config user.name "Jenkins"
                            git add ${CHART_FILE} ${VALUES_FILE}
                            git commit -m "ci: bump tictactoe chart to build ${BUILD_NUMBER}"
                            REMOTE_URL=\$(git remote get-url origin)
                            AUTH_URL=\$(echo \$REMOTE_URL | sed "s|https://|https://\${GIT_USER}:\${GIT_PASS}@|")
                            BRANCH=\$(git rev-parse --abbrev-ref HEAD)
                            git push \$AUTH_URL HEAD:\$BRANCH
                        """
                    }
                }
            }
        }
    }

}
