pipeline {
  agent any

  parameters {
    choice(
      name: 'SERVICE',
      choices: ['all', 'tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service', 'xuqm-bugcollect-service'],
      description: '要构建的服务模块（all = 全部，每个服务独立版本号）'
    )
  }

  environment {
    ACR_REGISTRY    = 'crpi-n44qjpuucgjt8e8c.cn-beijing.personal.cr.aliyuncs.com'
    ACR_NAMESPACE   = 'xuqmgroup'
    ACR_USERNAME    = 'xuqinmin12'
    PROD_HOST       = '106.54.23.149'
    PROD_USER       = 'ubuntu'
    COMPOSE_FILE    = '/opt/xuqm/deploy/compose.production.yaml'
    VERSIONS_FILE   = '/opt/xuqm/deploy/versions.json'
    DOCKER_BUILDKIT = '1'
  }

  options {
    timeout(time: 60, unit: 'MINUTES')
    buildDiscarder(logRotator(numToKeepStr: '30'))
    disableConcurrentBuilds()
  }

  stages {
    stage('Checkout') {
      steps {
        checkout([
          $class: 'GitSCM',
          branches: [[name: 'main']],
          extensions: [[$class: 'CleanBeforeCheckout']],
          userRemoteConfigs: scm.userRemoteConfigs
        ])
      }
    }

    stage('Resolve Versions') {
      steps {
        script {
          def allServices = ['tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service', 'xuqm-bugcollect-service']

          // 支持从 job 名自动推断服务（如 xuqmgroup-update-service → update-service）
          def jobService = env.JOB_NAME.tokenize('/').last()
              .replaceFirst(/^xuqmgroup-/, '')
          def resolvedService = allServices.contains(jobService) ? jobService : params.SERVICE
          def targets = resolvedService == 'all' ? allServices : [resolvedService]
          echo "Job: ${env.JOB_NAME} → SERVICE=${resolvedService}"

          // serviceVersions: Map<svcName, newVersion>
          def serviceVersions = [:]
          for (svc in targets) {
            def vf = "VERSION.${svc}"
            def current = fileExists(vf) ? readFile(vf).trim() : '1.0.0'
            def parts = current.tokenize('.')
            while (parts.size() < 3) parts.add('0')
            def newVer = "${parts[0]}.${parts[1]}.${parts[2].toInteger() + 1}"
            serviceVersions[svc] = newVer
            writeFile file: vf, text: newVer
            echo "${svc}: ${current} → ${newVer}"
          }
          env.SERVICE_VERSIONS_JSON = groovy.json.JsonOutput.toJson(serviceVersions)
        }
      }
    }

    stage('Docker Build & Push') {
      steps {
        withCredentials([string(credentialsId: 'ACR_PASSWORD', variable: 'ACR_PASS')]) {
          script {
            def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON)
            for (entry in serviceVersions) {
              def svc = entry.key
              def ver = entry.value
              def base = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${svc}"
              def versionedImage = "${base}:${ver}"
              def latestImage = "${base}:latest"
              echo "Building ${svc}:${ver}..."
              bat """
                docker login ${ACR_REGISTRY} -u ${ACR_USERNAME} -p %ACR_PASS%
                if %errorlevel% neq 0 exit /b 1
                docker pull --platform=linux/amd64 ${latestImage} || echo Pull failed, will build fresh
                docker build --platform=linux/amd64 --build-arg SERVICE_MODULE=${svc} --build-arg SERVICE_VERSION=${ver} --build-arg BUILDKIT_INLINE_CACHE=1 --cache-from ${latestImage} -t ${versionedImage} -t ${latestImage} .
                if %errorlevel% neq 0 exit /b 1
                docker push ${versionedImage}
                if %errorlevel% neq 0 exit /b 1
                docker push ${latestImage}
                if %errorlevel% neq 0 exit /b 1
                docker rmi ${versionedImage} ${latestImage}
                exit /b 0
              """
            }
          }
        }
      }
    }

    stage('Deploy to Production') {
      steps {
        lock('prod-deploy') {
          withCredentials([sshUserPrivateKey(credentialsId: 'PROD_SSH_KEY', keyFileVariable: 'SSH_KEY')]) {
            script {
              def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON)
              for (entry in serviceVersions) {
                def svc = entry.key
                def latestImage = "${ACR_REGISTRY}/${ACR_NAMESPACE}/${svc}:latest"
                echo "Deploying ${svc}..."
                retry(2) {
                  bat """
                    ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "docker image prune -f 2>/dev/null || true; docker pull ${latestImage} || exit 1; docker compose -f ${COMPOSE_FILE} up -d --no-deps --force-recreate ${svc} || exit 1; docker image prune -f"
                  """
                }
              }

              // 合并更新 versions.json（只改动本次构建涉及的服务，不覆盖其它服务或 web 条目）
              def releasedAt = new Date().format("yyyy-MM-dd'T'HH:mm:ss'Z'", TimeZone.getTimeZone('UTC'))
              def builtJson = groovy.json.JsonOutput.toJson(serviceVersions)
              def allSvcsList = groovy.json.JsonOutput.toJson(['tenant-service', 'im-service', 'push-service', 'update-service', 'file-service', 'license-service', 'demo-service', 'xuqm-bugcollect-service'])
              def updateScript = """\
import json, os
path = '${env.VERSIONS_FILE}'
d = json.load(open(path)) if os.path.exists(path) else {}
built = ${builtJson}
all_svcs = ${allSvcsList}
d.setdefault('services', {})
for s in all_svcs:
    d['services'].setdefault(s, {})
    if s in built:
        d['services'][s]['version'] = built[s]
        d['services'][s]['changed'] = True
    else:
        d['services'][s].setdefault('version', 'unknown')
        d['services'][s]['changed'] = False
# platformVersion 取 tenant-service 版本（主服务），私有部署 check-update 用此字段判断是否有新版本
if 'tenant-service' in built:
    d['platformVersion'] = built['tenant-service']
elif 'platformVersion' not in d:
    d['platformVersion'] = list(built.values())[0] if built else 'unknown'
d['releasedAt'] = '${releasedAt}'
json.dump(d, open(path, 'w'), indent=2, ensure_ascii=False)
print('versions.json updated, platformVersion=' + d.get('platformVersion', ''))
""".stripIndent()
              writeFile file: 'update_versions.py', text: updateScript
              bat """
                scp -i "%SSH_KEY%" -o StrictHostKeyChecking=no update_versions.py ${PROD_USER}@${PROD_HOST}:/tmp/update_versions.py
                ssh -i "%SSH_KEY%" -o StrictHostKeyChecking=no ${PROD_USER}@${PROD_HOST} "python3 /tmp/update_versions.py && rm /tmp/update_versions.py"
              """
            }
          }
        }
      }
    }

    stage('Commit Versions') {
      steps {
        script {
          def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON)
          def versionFiles = serviceVersions.keySet().collect { "VERSION.${it}" }.join(' ')
          def summary = serviceVersions.collect { svc, ver -> "${svc}=${ver}" }.join(', ')
          bat """
            git config user.email "jenkins@xuqm.com"
            git config user.name "Jenkins CI"
            git add ${versionFiles}
            git diff --cached --quiet || git commit -m "ci: bump versions [${summary}] [skip ci]"
            git push origin HEAD:main
          """
        }
      }
    }
  }

  post {
    success {
      script {
        def serviceVersions = new groovy.json.JsonSlurper().parseText(env.SERVICE_VERSIONS_JSON ?: '{}')
        def summary = serviceVersions.collect { svc, ver -> "${svc}:${ver}" }.join(', ')
        echo "✅ 构建部署成功 — ${summary}"
      }
    }
    failure { echo "❌ 构建失败，请检查日志" }
  }
}
