# Template: Azure DevOps Pipeline for GitHub Integration
# 
# INSTRUCTIONS:
# 1. Replace 'your-github-username/price-tracker' with your actual GitHub repository path
# 2. Ensure your GitHub service connection is named 'github' in Azure DevOps
# 3. Update the Docker registry variables if needed
# 4. Copy this content to azure-pipelines.yml in your repository

# Pipeline for Price Tracker application
# This pipeline pulls from GitHub and builds/deploys the Docker container

# Define the GitHub repository as the source
resources:
  repositories:
  - repository: self
    type: github
    endpoint: github  # This should match your GitHub service connection name
    name: your-github-username/price-tracker  # TODO: Replace with your actual GitHub repo path

trigger:
  branches:
    include:
    - main
    - develop
  paths:
    include:
    - src/*
    - templates/*
    - requirements.txt
    - Dockerfile
    - config.json
    - main.py

variables:
  # Container registry service connection established during pipeline creation
  dockerRegistryServiceConnection: 'dock-ptslondon-connection'
  imageRepository: 'price-tracker'
  containerRegistry: 'dock.ptslondon.co.uk'  # TODO: Update if using different registry
  dockerfilePath: '$(Build.SourcesDirectory)/Dockerfile'
  tag: '$(Build.BuildId)'
  
  # Agent VM image name
  vmImageName: 'ubuntu-latest'

stages:
- stage: Build
  displayName: Build and push stage
  jobs:
  - job: Build
    displayName: Build
    pool:
      vmImage: $(vmImageName)
    steps:
    - task: Docker@2
      displayName: Build and push Docker image
      inputs:
        command: buildAndPush
        repository: $(imageRepository)
        dockerfile: $(dockerfilePath)
        containerRegistry: $(dockerRegistryServiceConnection)
        tags: |
          $(tag)
          latest

    # Optional: Run security scan on the image
    - task: Docker@2
      displayName: Run Trivy vulnerability scanner
      inputs:
        command: 'run'
        arguments: '--rm -v /var/run/docker.sock:/var/run/docker.sock -v $(System.DefaultWorkingDirectory):/tmp/trivy aquasec/trivy image --exit-code 0 --severity HIGH,CRITICAL $(containerRegistry)/$(imageRepository):$(tag)'
      continueOnError: true

    # Optional: Test the built image
    - task: Docker@2
      displayName: Test Docker image
      inputs:
        command: 'run'
        arguments: '--rm -d --name price-tracker-test -p 5001:5000 $(containerRegistry)/$(imageRepository):$(tag)'
      continueOnError: true

    - script: |
        # Wait for container to start
        sleep 10
        # Test health endpoint
        curl -f http://localhost:5001/ || echo "Health check failed"
        # Cleanup test container
        docker stop price-tracker-test || true
      displayName: 'Health check test'
      continueOnError: true

    # Publish build artifacts
    - task: PublishBuildArtifacts@1
      displayName: 'Publish docker-compose and deployment files'
      inputs:
        PathtoPublish: '$(Build.SourcesDirectory)'
        ArtifactName: 'deployment-files'
        publishLocation: 'Container'
      condition: succeeded()