pipeline {
    agent {
        kubernetes {
            yaml """
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: node
    image: node:18-slim
    command:
    - sleep
    args:
    - infinity
  - name: docker
    image: docker:dind
    securityContext:
      privileged: true
    env:
    - name: DOCKER_TLS_CERTDIR
      value: ""
    args:
    - --insecure-registry=harbor-core.harbor.svc.cluster.local
"""
        }
    }

    environment {
        APP_NAME        = 'tictactoe'
        HARBOR_REGISTRY = 'harbor-core.harbor.svc.cluster.local'
        HARBOR_PROJECT  = 'library'
        IMAGE           = "${HARBOR_REGISTRY}/${HARBOR_PROJECT}/${APP_NAME}"
        DOCKER_HOST     = 'tcp://localhost:2375'
    }

    stages {
        stage('Install & Test') {
            steps {
                container('node') {
                    sh 'npm install'
                    sh 'npm test'
                }
            }
        }

        stage('Build & Push Image') {
            steps {
                script {
                    def imageTag = "${env.BRANCH_NAME.replaceAll('/', '-')}-${UUID.randomUUID().toString().take(8)}"
                    container('docker') {
                        withCredentials([usernamePassword(
                            credentialsId: 'harbor-credentials',
                            usernameVariable: 'HARBOR_USER',
                            passwordVariable: 'HARBOR_PASS'
                        )]) {
                            sh """
                                docker login ${HARBOR_REGISTRY} -u \${HARBOR_USER} -p \${HARBOR_PASS}
                                docker build -t ${IMAGE}:${imageTag} .
                                docker push ${IMAGE}:${imageTag}
                            """
                        }
                    }
                }
            }
        }
    }
}
