pipeline {
    agent {
        kubernetes {
            yaml '''
apiVersion: v1
kind: Pod
metadata:
  name: my-pod
spec:
  containers:
    - name: kubectl
      image: bitnami/kubectl:latest
      command:
        - cat
      tty: true
      securityContext:
        runAsUser: 1000

    - name: docker
      image: docker:latest
      command:
        - cat
      tty: true
      volumeMounts:
        - name: docker-sock
          mountPath: /var/run/docker.sock

  volumes:
    - name: docker-sock
      hostPath:
        path: /var/run/docker.sock

'''
        }
    }
    
    triggers {
        pollSCM('H/5 * * * *')
    }

    environment {
        REGISTRY_URL = 'git.winteraccess.id'
        IMAGE_NAME = 'winter-access/frontend-nam.git'
        KUBE_CONFIG_ID = '1c8bd8d9-1590-468c-afc7-24495d4330dc'
        CREDENTIALS_ID = '45c25ade-b1f8-455b-bdd6-e11ff141b70c'
    }

    stages {
        stage('Checkout Code') {
            steps {
                cleanWs()
                git branch: 'master', url: 'https://git.winteraccess.id/winter-access/frontend-nam.git', credentialsId: "${CREDENTIALS_ID}"
            }
        }

        stage('Get Short SHA') {
            steps {
                script {
                    env.SHORT_SHA = sh(script: 'git rev-parse --short HEAD', returnStdout: true).trim()
                }
            }
        }

        stage('Login to Docker Registry') {
            steps {
                container('docker'){
                    withCredentials([usernamePassword(credentialsId: "08063d26-0005-4942-9b87-9d819a13b973", 
                        usernameVariable: 'DOCKER_USER', 
                        passwordVariable: 'DOCKER_PASS')]) {
                        sh "docker login -u ${DOCKER_USER} -p ${DOCKER_PASS} ${REGISTRY_URL}"
                    }
                }
            }
        }


        stage('Build and Push Docker Image') {
            steps {
                container('docker') {  // Runs in the Docker container inside Kubernetes
                    script {
                        def imageTag = "dev-${env.SHORT_SHA}"
                        sh """
                        docker build -t ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag} \
                                     -t ${REGISTRY_URL}/${IMAGE_NAME}:master \
                                     -t ${REGISTRY_URL}/${IMAGE_NAME}:latest \
                                     -f deploy/docker/Dockerfile .
                        
                        docker push ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag}
                        docker push ${REGISTRY_URL}/${IMAGE_NAME}:master
                        docker push ${REGISTRY_URL}/${IMAGE_NAME}:latest
                        """
                    }
                }
            }
        }

        stage('Deploy and Restart to Kubernetes') {
            steps {
                container('kubectl') {  // ✅ Runs kubectl inside the correct container
                   sh 'ls -la deploy/kubernetes/'
                    withKubeConfig([credentialsId: '1c8bd8d9-1590-468c-afc7-24495d4330dc']) {  // ✅ Uses the Jenkins credential
                        sh '''
                        set -e
                        kubectl apply -f deploy/kubernetes/dev.yaml --validate=true
                        kubectl rollout restart deployment nam-frontend-dev -n nam-frontend-dev
                        '''
                    }
                }
            }
        }


    }

    post {
        always {
            cleanWs()
        }
    }
}