name: Deploy

on:
  push:
    branches:
      - rewrite-static

jobs:
  deploy:
    name: Deploy website via rsync over SSH
    runs-on: ubuntu-latest

    steps:
      - name: 🧩 Checkout repository
        uses: actions/checkout@v3

      - name: 🧠 Check required secrets
        run: |
          echo "🧩 Checking secrets availability..."
          for var in DEPLOY_KEY DEPLOY_USER DEPLOY_HOST DEPLOY_PORT DEPLOY_PATH; do
            if [ -z "${!var}" ]; then
              echo "❌ Secret $var is empty or undefined!" && exit 1
            else
              echo "✅ $var present (length: ${#var})"
            fi
          done
        shell: bash

      - name: 🔐 Set up SSH key
        run: |
          echo "🏗️  Setting up SSH environment..."
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh

          echo "🔑 Writing private key..."
          printf "%s\n" "$DEPLOY_KEY" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519

          echo "📡 Adding ${DEPLOY_HOST}:${DEPLOY_PORT} to known_hosts..."
          ssh-keyscan -p "$DEPLOY_PORT" -H "$DEPLOY_HOST" >> ~/.ssh/known_hosts 2>/dev/null
          echo "✅ SSH setup complete!"
        shell: bash

      - name: 🚀 Deploy via rsync
        run: |
          echo "🚀 Starting rsync deployment..."
          rsync -avz \
            --delete \
            -e "ssh -i ~/.ssh/id_ed25519 -p $DEPLOY_PORT -o StrictHostKeyChecking=no" \
            ./ "${DEPLOY_USER}@${DEPLOY_HOST}:${DEPLOY_PATH}"
          echo "✅ Deployment finished successfully!"
        shell: bash