/* groovylint-disable CompileStatic, DuplicateStringLiteral, LineLength, NestedBlockDepth, NoDef, UnnecessaryGString, VariableTypeRequired */
pipeline {
    agent any

    parameters {
        string(name: 'XIVOCC_TAG', description: 'Release numeric name (e.g. 2022.10)', trim: true)
        string(name: 'XIVOCC_DIST', description: 'latest, latestrc', trim: true)
        booleanParam(name: 'DEV_VERSION', defaultValue: true, description: 'If true, latest lts dev version will be installed')
    }

    tools {
        terraform 'terraform-auto'
    }

    environment {
        PM_API_TOKEN_ID  = 'terraform-prov@pve!terraform-token'
        PM_API_TOKEN_SECRET = credentials('OVH_DEV_PM_API_TOKEN_SECRET')
        MATRIX_ROOM_ID = '%21rrxUQECmXxSmJtEgSq:connect.xivo.solutions'
        MATRIX_TOKEN_ID = 'matrix-rd-bot'
    }

    stages {
        stage('Welcome') {
            steps {
                echo "🚀 BUILD_NUMBER = ${BUILD_NUMBER}"
                echo "📁 WORKSPACE = ${WORKSPACE}"
                echo "Starting daily UC Addon deployment for tag ${params.XIVOCC_TAG} on dist ${params.XIVOCC_DIST} (DEV_VERSION=${params.DEV_VERSION})"
            }
        }
        stage('Checkout Repos') {
            steps {
                dir('terraform') {
                    git branch: 'master',
                        url: 'git@gitlab.com:avencall/terraform-ovh-dev.git',
                        credentialsId: 'Gitlab-avencall-private-repo-read'
                }
                dir('ansible') {
                    git branch: 'master',
                        url: 'git@gitlab.com:avencall/xivo-solutions-playbooks.git',
                        credentialsId: 'Gitlab-avencall-private-repo-read'
                }
            }
        }
        stage('Terraform') {
            steps {
                dir('terraform') {
                    script {
                        sh """
                            terraform init
                            terraform workspace select daily || terraform workspace new daily
                            terraform destroy -auto-approve
                            terraform apply -auto-approve
                        """
                    }
                }
            }
            post {
                always {
                    dir('terraform') {
                        sh 'terraform output -json > terraform-outputs.json || true'
                        archiveArtifacts artifacts: 'terraform-outputs.json', allowEmptyArchive: true
                    }
                }
                success {
                    echo '✅ Terraform deploy OK'
                }
                failure {
                    echo '❌ Terraform deploy failed!'
                }
            }
        }
        stage('Get dev certificates') {
            steps {
                dir('certs') {
                    script {
                        sh '''
                            curl -L -o _.dev.avencall.com.key \
                                "https://dl.avencall.com/certificats_internes/_.dev.avencall.com.key"

                            curl -L -o _.dev.avencall.com.crt \
                                "https://dl.avencall.com/certificats_internes/_.dev.avencall.com.crt"
                        '''
                    }
                }
            }
        }
        stage('Install UC addon via ansible') {
            steps {
                dir('ansible') {
                    script {
                        echo "Running Ansible playbook to install UC Addon ..."
                        sh """
                            env ANSIBLE_TIMEOUT=600 \
                                ANSIBLE_SSH_CONNECTION_TIMEOUT=15 \
                                ANSIBLE_SSH_RETRIES=12 \
                                ANSIBLE_SSH_RETRY_INTERVAL=30 \
                                ANSIBLE_SSH_PIPELINING=true \
                                ansible-playbook -i inventories/common/daily-uc install.yml \
                                -e 'XIVOCC_TAG=${params.XIVOCC_TAG}' \
                                -e 'XIVOCC_DIST=${params.XIVOCC_DIST}' \
                                -e 'dev_version=${params.DEV_VERSION}' \
                                -e 'CERT_FILE_PATH=../certs/_.dev.avencall.com.crt' \
                                -e 'CERT_KEY_FILE_PATH=../certs/_.dev.avencall.com.key' \
                                -e 'ANSIBLE_BECOME_PASS=superpass'
                        """
                    }
                }
            }
            post {
                success {
                    echo '✅ Ansible UC addon install OK'
                }
                failure {
                    echo '❌ Ansible UC addon install failed!'
                }
            }
        }
        stage('Populate UC addon') {
            steps {
                dir('ansible') {
                    script {
                        echo "Running Ansible playbook to populate UC Addon ..."
                        sh """
                            ansible-playbook -i inventories/common/daily-uc populate.yml -e 'skip_confirmation=true'
                        """
                    }
                }
            }
        }
        stage('Launch cypress tests') {
            steps {
                build(
                    job: 'cypress-webi',
                    parameters: [
                        string(name: 'BRANCH_OR_TAG', value: "${params.XIVOCC_TAG ?: 'master'}"),
                        string(name: 'BASE_URL', value: "https://uc-daily.dev.avencall.com/index.php"),
                    ]
                )
            }
        }
    }
    post {
        always {
            echo 'Build completed'
        }
        unstable {
            echo '⚠️ Build UNSTABLE'
            mail bcc: '',
                body: "Build unstable: ${env.BUILD_URL}",
                cc: '',
                from: 'jenkins@avencall.com',
                replyTo: '',
                subject: "Jenkins build is unstable:  ${env.JOB_NAME} #${env.BUILD_NUMBER}",
                to: "randd@avencall.com"
        }
        failure {
            withCredentials([string(credentialsId: "${MATRIX_TOKEN_ID}", variable: 'MATRIX_TOKEN')]) {
                script {
                    def txnId = UUID.randomUUID().toString()
                    sh """
                        curl -s -X PUT \\
                          "https://matrix-server.connect.xivo.solutions/_matrix/client/v3/rooms/${MATRIX_ROOM_ID}/send/m.room.message/${txnId}" \\
                          -H "Authorization: Bearer \${MATRIX_TOKEN}" \\
                          -H "Content-Type: application/json" \\
                          -d '{
                            "msgtype": "m.text",
                            "format": "org.matrix.custom.html",
                            "body": "${JOB_NAME} #${BUILD_NUMBER} has failed with the following params \\nTag: ${params.XIVOCC_TAG} | Dist: ${params.XIVOCC_DIST}\\n Please check the log: 🔗 ${BUILD_URL}",
                            "formatted_body": "<b>❌ ${JOB_NAME}</b> <code>#${BUILD_NUMBER}</code> <i>has failed</i> with the following params:<br><b>Tag:</b> <code>${params.XIVOCC_TAG}</code> | <b>Dist:</b> <code>${params.XIVOCC_DIST}</code><br><span style='color:#ff4444'>Please check the log:</span> <a href='${BUILD_URL}'>🔗 ${BUILD_URL}</a>",                            "m.mentions": {"room": true}
                          }' \\
                          --insecure
                    """
                }
            }
            echo '❌ Build FAILED'
            mail bcc: '',
                body: """
                Build failed: ${env.BUILD_URL}

                Please check the logs!
                """,
                cc: '',
                from: 'jenkins@avencall.com',
                replyTo: '',
                subject: "Build failed in Jenkins: ${env.JOB_NAME} #${env.BUILD_NUMBER}",
                to: "randd@avencall.com"
        }
        fixed {
            echo '✅ Build FIXED (back to stable)'
            mail bcc: '',
                body: "See ${env.BUILD_URL}",
                cc: '',
                from: 'jenkins@avencall.com',
                replyTo: '',
                subject: "Jenkins build is back to normal: ${env.JOB_NAME} #${env.BUILD_NUMBER}",
                to: "randd@avencall.com"
        }
    }
}
