name: Redeploy Docker Compose

on:
  push:
    branches:
      - main

jobs:
  redeploy:
    runs-on: ubuntu-latest
    env:
      DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
      DEPLOY_BRANCH: main
    steps:
      - name: Validate deployment path
        shell: bash
        run: |
          set -euo pipefail
          if [ -z "${DEPLOY_PATH:-}" ]; then
            echo "Missing required secret: DEPLOY_PATH"
            exit 1
          fi

      - name: Redeploy locally on runner host
        shell: bash
        run: |
          set -euo pipefail
          DEPLOY_PATH="$(printf '%s' "$DEPLOY_PATH" | tr -d '\r\n')"
          echo "Using DEPLOY_PATH=<$DEPLOY_PATH>"
          ls -ld "$DEPLOY_PATH"
          cd "$DEPLOY_PATH"
          git fetch origin "$DEPLOY_BRANCH"
          git checkout "$DEPLOY_BRANCH"
          git pull --ff-only origin "$DEPLOY_BRANCH"
          docker compose pull
          docker compose up -d --build --remove-orphans