pipeline {
  agent none

  parameters {
    choice(name: 'APP', choices: ['tenant-platform', 'ops-platform'], description: '要构建的 Web 应用')
    string(name: 'IMAGE_TAG', defaultValue: 'latest', description: '镜像 Tag')
    booleanParam(name: 'DEPLOY', defaultValue: true, description: '构建后是否自动部署')
  }

  environment {
    ACR_REGISTRY  = 'crpi-n44qjpuucgjt8e8c.cn-beijing.personal.cr.aliyuncs.com'
    ACR_NAMESPACE = 'xuqmgroup'
    ACR_USERNAME  = 'xuqinmin12'
    PROD_HOST     = '106.54.23.149'
    PROD_USER     = 'ubuntu'
    COMPOSE_FILE  = '/opt/xuqm/deploy/compose.production.yaml'
  }

  stages {
    stage('Checkout') {
      agent any
      steps {
        checkout scm
        stash name: 'source', includes: '**/*'
      }
    }

    stage('Install & Build') {
      agent {
        docker {
          image 'node:22-alpine'
          args '-v yarn-cache:/root/.yarn'
        }
      }
      steps {
        unstash 'source'
        dir("${params.APP}") {
          sh '''
            yarn install --frozen-lockfile
            yarn build
          '''
        }
        stash name: 'dist', includes: "${params.APP}/dist/**,${params.APP}/Dockerfile"
      }
    }

    stage('Docker Build & Push') {
      agent any
      steps {
        unstash 'dist'
        withCredentials([string(credentialsId: 'ACR_PASSWORD', variable: 'ACR_PASS')]) {
          script {
            def imageName = "${ACR_REGISTRY}/${ACR_NAMESPACE}/web-${params.APP}:${params.IMAGE_TAG}"
            sh """
              docker login ${ACR_REGISTRY} -u ${ACR_USERNAME} -p \${ACR_PASS}
              docker build -f ${params.APP}/Dockerfile -t ${imageName} .
              docker push ${imageName}
              docker rmi ${imageName}
            """
          }
        }
      }
    }

    stage('Deploy to Production') {
      agent any
      when { expression { return params.DEPLOY } }
      steps {
        withCredentials([sshUserPrivateKey(credentialsId: 'PROD_SSH_KEY', keyFileVariable: 'SSH_KEY')]) {
          script {
            def svcName = params.APP == 'tenant-platform' ? 'web' : 'ops-web'
            def imageName = "${ACR_REGISTRY}/${ACR_NAMESPACE}/web-${params.APP}:${params.IMAGE_TAG}"
            sh """
              ssh -i \${SSH_KEY} -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "
                docker pull ${imageName} &&
                cd /opt/xuqm/deploy &&
                docker compose -f ${COMPOSE_FILE} up -d --no-deps ${svcName} &&
                docker image prune -f
              "
            """
          }
        }
      }
    }
  }

  post {
    success { echo "✅ ${params.APP}:${params.IMAGE_TAG} 构建部署成功" }
    failure  { echo "❌ 构建失败，请检查日志" }
  }
}
