pipeline {
  agent {
    label 'linux && genarrative-build'
  }

  options {
    disableConcurrentBuilds()
    skipDefaultCheckout(true)
    buildDiscarder(logRotator(numToKeepStr: '20', artifactNumToKeepStr: '20'))
  }

  environment {
    GIT_REMOTE_URL = 'http://127.0.0.1:3000/GenarrativeAI/Genarrative.git'
    GIT_REMOTE_FALLBACK_URL = 'https://git.genarrative.world/GenarrativeAI/Genarrative.git'
    CARGO_INCREMENTAL = '0'
    RUSTC_WRAPPER = 'sccache'
    SCCACHE_CACHE_SIZE = '30G'
  }

  parameters {
    string(name: 'SOURCE_BRANCH', defaultValue: 'master', description: '源码分支，默认 master 最新提交')
    string(name: 'COMMIT_HASH', defaultValue: '', description: '可选，指定属于 SOURCE_BRANCH 的 Git commit')
    string(name: 'BUILD_VERSION', defaultValue: '', description: '发布版本号，留空则使用 Jenkins BUILD_NUMBER')
    string(name: 'NOTIFICATION_EMAILS', defaultValue: '', description: '本次运行追加通知邮箱；会与 Jenkins Secret Text 凭据 genarrative-notification-emails 合并发送')
    string(name: 'MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID', defaultValue: '', description: '可选，复用既有迁移 bootstrap secret 的 Jenkins Secret Text 凭据 ID；留空则本次构建自动生成')
    booleanParam(name: 'PUBLISH_AFTER_BUILD', defaultValue: false, description: '构建成功后是否触发 Stdb module 发布')
    string(name: 'DEPLOY_JOB_NAME', defaultValue: 'Genarrative-Stdb-Module-Publish', description: 'Stdb module 发布流水线作业名')
    choice(name: 'DEPLOY_TARGET', choices: ['development', 'release'], description: 'PUBLISH_AFTER_BUILD=true 时的逻辑部署目标；development 使用当前 Linux 开发/构建/开发部署 agent')
    booleanParam(name: 'CONFIRM_RELEASE_DEPLOY_AGENT', defaultValue: false, description: 'PUBLISH_AFTER_BUILD=true 且目标为 release 时必须确认已有独立 release 部署 agent')
    string(name: 'DATABASE', defaultValue: 'genarrative-prod', description: '生产 SpacetimeDB database')
  }

  stages {
    stage('Checkout') {
      steps {
        script {
          def checkoutFromRemote = { String remoteUrl ->
            checkout([
              $class: 'GitSCM',
              branches: [[name: "*/${params.SOURCE_BRANCH}"]],
              doGenerateSubmoduleConfigurations: false,
              extensions: [
                [$class: 'CleanBeforeCheckout'],
                [$class: 'CloneOption', shallow: true, depth: 1, noTags: true, timeout: 30, honorRefspec: true],
              ],
              userRemoteConfigs: [[url: remoteUrl, refspec: "+refs/heads/${params.SOURCE_BRANCH}:refs/remotes/origin/${params.SOURCE_BRANCH}"]],
            ])
          }
          try {
            checkoutFromRemote(env.GIT_REMOTE_URL)
            env.EFFECTIVE_GIT_REMOTE_URL = env.GIT_REMOTE_URL
          } catch (error) {
            echo "Git 主地址拉取失败: ${env.GIT_REMOTE_URL}，改用备用地址: ${env.GIT_REMOTE_FALLBACK_URL}"
            checkoutFromRemote(env.GIT_REMOTE_FALLBACK_URL)
            env.EFFECTIVE_GIT_REMOTE_URL = env.GIT_REMOTE_FALLBACK_URL
          }
        }
        sh '''
          bash -lc '
            set -euo pipefail
            chmod +x scripts/jenkins-checkout-source.sh
            SOURCE_BRANCH="${SOURCE_BRANCH:-master}" \
            COMMIT_HASH="${COMMIT_HASH:-}" \
            GIT_REMOTE_URL="${EFFECTIVE_GIT_REMOTE_URL:-${GIT_REMOTE_URL}}" \
            GIT_REMOTE_FALLBACK_URL="${GIT_REMOTE_FALLBACK_URL:-}" \
            SOURCE_COMMIT_FILE=".jenkins-source-commit" \
            scripts/jenkins-checkout-source.sh
          '
        '''
        script {
          env.SOURCE_COMMIT = readFile('.jenkins-source-commit').trim()
          env.EFFECTIVE_BUILD_VERSION = params.BUILD_VERSION?.trim() ? params.BUILD_VERSION.trim() : env.BUILD_NUMBER
        }
      }
    }

    stage('Build Stdb Module') {
      steps {
        script {
          def buildStep = {
            sh '''
              bash -lc '
                set -euo pipefail
                workspace_tmp="${WORKSPACE_TMP:-${WORKSPACE}@tmp}"
                export CARGO_HOME="${workspace_tmp}/cargo-home"
                export CARGO_TARGET_DIR="${workspace_tmp}/cargo-target/prod-release"
                export CARGO_INCREMENTAL=0
                export RUSTC_WRAPPER=sccache
                export SCCACHE_DIR="${workspace_tmp}/sccache-stdb-module"
                export SCCACHE_CACHE_SIZE=30G
                mkdir -p "${CARGO_HOME}" "${CARGO_TARGET_DIR}" "${SCCACHE_DIR}"
                chmod +x scripts/jenkins-prepare-cargo-env.sh
                source scripts/jenkins-prepare-cargo-env.sh
                if ! command -v sccache >/dev/null 2>&1; then
                  echo "[stdb-build] 未找到可用 sccache，改用 rustc 直接构建。"
                  unset RUSTC_WRAPPER
                fi
                SOURCE_BRANCH="${SOURCE_BRANCH}" SOURCE_COMMIT="${SOURCE_COMMIT}" \
                npm run build:production-release -- --component spacetime-module --name "${EFFECTIVE_BUILD_VERSION}"
              '
            '''
          }
          if (params.MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID?.trim()) {
            withCredentials([
              string(credentialsId: params.MIGRATION_BOOTSTRAP_SECRET_CREDENTIAL_ID.trim(), variable: 'GENARRATIVE_SPACETIME_MIGRATION_BOOTSTRAP_SECRET')
            ]) {
              buildStep()
            }
          } else {
            buildStep()
          }
        }
      }
    }

    stage('Archive') {
      steps {
        archiveArtifacts artifacts: "build/${env.EFFECTIVE_BUILD_VERSION}/spacetime_module.wasm,build/${env.EFFECTIVE_BUILD_VERSION}/spacetime_module.wasm.sha256,build/${env.EFFECTIVE_BUILD_VERSION}/release-manifest.json", fingerprint: true
        archiveArtifacts artifacts: "build/${env.EFFECTIVE_BUILD_VERSION}/migration-bootstrap-secret.txt", fingerprint: false
      }
    }

    stage('Publish') {
      when {
        expression { return params.PUBLISH_AFTER_BUILD }
      }
      steps {
        build job: params.DEPLOY_JOB_NAME,
          wait: true,
          propagate: true,
          parameters: [
            string(name: 'SOURCE_BRANCH', value: params.SOURCE_BRANCH),
            string(name: 'COMMIT_HASH', value: env.SOURCE_COMMIT),
            string(name: 'BUILD_VERSION', value: env.EFFECTIVE_BUILD_VERSION),
            string(name: 'NOTIFICATION_EMAILS', value: params.NOTIFICATION_EMAILS ?: ''),
            string(name: 'DEPLOY_TARGET', value: params.DEPLOY_TARGET),
            booleanParam(name: 'CONFIRM_RELEASE_DEPLOY_AGENT', value: params.CONFIRM_RELEASE_DEPLOY_AGENT),
            string(name: 'BUILD_JOB_NAME', value: env.JOB_NAME),
            string(name: 'BUILD_NUMBER_TO_DEPLOY', value: env.BUILD_NUMBER),
            string(name: 'DATABASE', value: params.DATABASE),
          ]
      }
    }
  }

  post {
    always {
      script {
        def notificationParameters = [
          string(name: 'SOURCE_JOB_NAME', value: env.JOB_NAME),
          string(name: 'SOURCE_BUILD_NUMBER', value: env.BUILD_NUMBER),
          string(name: 'SOURCE_BUILD_URL', value: env.BUILD_URL ?: ''),
          string(name: 'SOURCE_RESULT', value: currentBuild.currentResult ?: 'UNKNOWN'),
          string(name: 'SOURCE_BRANCH', value: params.SOURCE_BRANCH ?: ''),
          string(name: 'SOURCE_COMMIT', value: env.SOURCE_COMMIT ?: (params.COMMIT_HASH ?: '')),
          string(name: 'BUILD_VERSION', value: env.EFFECTIVE_BUILD_VERSION ?: (params.BUILD_VERSION ?: '')),
          string(name: 'DEPLOY_TARGET', value: params.DEPLOY_TARGET ?: ''),
          string(name: 'DATABASE', value: params.DATABASE ?: ''),
          string(name: 'SUMMARY', value: 'Stdb module 构建流水线结束'),
        ]
        def notificationRecipients = params.NOTIFICATION_EMAILS?.trim()
        if (notificationRecipients) {
          notificationParameters.add(string(name: 'EMAIL_RECIPIENTS', value: notificationRecipients))
        }
        try {
          build job: 'Genarrative-Notify-Email',
            wait: false,
            propagate: false,
            parameters: notificationParameters
        } catch (error) {
          echo "邮件通知触发失败: ${error.message}"
        }
      }
    }
    success {
      echo "Stdb module 构建完成: version=${env.EFFECTIVE_BUILD_VERSION}, commit=${env.SOURCE_COMMIT}"
    }
  }
}