name: Redeploy Docker Compose

on:
  push:
    branches:
      - main

jobs:
  redeploy:
    runs-on: ubuntu-latest
    env:
      DEPLOY_PATH: ${{ secrets.DEPLOY_PATH }}
      DEPLOY_BRANCH: main
    steps:
      - name: Validate deployment path
        shell: bash
        run: |
          set -euo pipefail
          if [ -z "${DEPLOY_PATH:-}" ]; then
            echo "Missing required secret: DEPLOY_PATH"
            exit 1
          fi

      - name: Redeploy locally on runner host
        shell: bash
        run: |
          set -euo pipefail
          cd "$DEPLOY_PATH"
          git fetch origin "$DEPLOY_BRANCH"
          git checkout "$DEPLOY_BRANCH"
          git pull --ff-only origin "$DEPLOY_BRANCH"
          docker compose pull
          docker compose up -d --build --remove-orphans