# ==========================================
# 纯 Bash SCP 部署工作流（零外部 Action 依赖）
# ==========================================
name: Deploy Frontend

on:
  push:
    branches:
      - main

jobs:
  deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Deploy via SCP
        run: |
          set -e

          SERVER_HOST="${{ secrets.SSH_HOST }}"
          SERVER_USER="${{ secrets.SSH_USER }}"
          SERVER_PORT="${{ secrets.SSH_PORT }}"
          TARGET_DIR="${{ secrets.TARGET_DIR }}"

          : ${SERVER_HOST:="192.168.31.185"}
          : ${SERVER_USER:="root"}
          : ${SERVER_PORT:="2222"}
          : ${TARGET_DIR:="/data/apps/ci-cd/frontend"}

          echo "🌐 部署至 ${SERVER_USER}@${SERVER_HOST}:${TARGET_DIR} (端口: ${SERVER_PORT})"

          # 配置 SSH 密钥
          mkdir -p ~/.ssh
          chmod 700 ~/.ssh
          printf '%s\n' "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_ed25519
          chmod 600 ~/.ssh/id_ed25519

          echo "🔑 密钥信息（不含敏感内容）："
          head -c 50 ~/.ssh/id_ed25519
          echo ""
          wc -l < ~/.ssh/id_ed25519 | xargs echo "密钥行数："
          grep -c "BEGIN\|END" ~/.ssh/id_ed25519 || echo "⚠️ 未检测到 PEM 头尾标记"

          SSH_OPTS="-o StrictHostKeyChecking=accept-new -i ~/.ssh/id_ed25519 -p ${SERVER_PORT}"

          echo "📁 确保目标目录存在..."
          ssh -v ${SSH_OPTS} "${SERVER_USER}@${SERVER_HOST}" "mkdir -p ${TARGET_DIR}" 2>&1 | tail -20

          echo "🚀 开始上传文件..."
          scp -o StrictHostKeyChecking=accept-new -i ~/.ssh/id_ed25519 -P "${SERVER_PORT}" -r \
            ./* \
            "${SERVER_USER}@${SERVER_HOST}:${TARGET_DIR}/"

          echo "✨ 部署成功！"