pipeline {
    agent any

    parameters {
        choice(name: 'env', choices: ['dev', 'test', 'prod'], description: '部署环境（dev/test/prod）')
        string(name: 'NAMESPACE', defaultValue: 'gateway', description: 'Kubernetes 命名空间')
    }

    environment {
        PROJECT_NAME       = 'gateway-service'
        MODULE_NAME        = 'gateway-service-server'
        MAVEN_HOME         = '/usr/local/apache-maven-3.9.9/bin'
        HARBOR_HOST        = '8.130.28.21:81'
        HARBOR_USERNAME    = 'admin'
        HARBOR_PASSWORD    = 'Hfln@1024'
        KUBECONFIG_PATH    = '/root/.kube/config'
        SPRING_PROFILES_ACTIVE = "${params.env}"
    }

    stages {

        stage('🧬 拉取 Git 代码') {
            steps {
                script {
                    echo ">>> 正在拉取 Git 代码..."
                    checkout scm
                    echo ">>> 拉取完成 ✅"
                }
            }
        }

        stage('📦 Maven 构建') {
            steps {
                script {
                    echo ">>> 构建模块 ${MODULE_NAME}"
                    sh "${MAVEN_HOME}/mvn clean package -pl ${MODULE_NAME} -am -DskipTests"
                    echo ">>> 构建完成 ✅"
                }
            }
        }

        stage('🐳 构建并推送 Docker 镜像') {
            steps {
                script {
                    def imageTag = "${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:${BUILD_NUMBER}"
                    echo ">>> 构建镜像: ${imageTag}"
                    sh """
                        docker login -u ${HARBOR_USERNAME} -p ${HARBOR_PASSWORD} ${HARBOR_HOST}
                        docker build -t ${imageTag} --build-arg env=${params.env} .
                        docker push ${imageTag}
                        docker rmi ${imageTag}
                    """
                    echo ">>> 镜像推送完成 ✅"
                }
            }
        }

        stage('🚀 部署到 Kubernetes') {
            steps {
                script {
                    def imageTag = "${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:${BUILD_NUMBER}"
                    echo ">>> 开始部署到 Kubernetes：namespace=${params.NAMESPACE}"

                    sh """
                        export KUBECONFIG=${KUBECONFIG_PATH}

                        # 创建 namespace（如果不存在）
                        kubectl get ns ${params.NAMESPACE} || kubectl create ns ${params.NAMESPACE}

                        # 创建 Harbor 镜像拉取密钥（如果不存在）
                        kubectl get secret harbor-secret -n ${params.NAMESPACE} || kubectl create secret docker-registry harbor-secret \
                          --docker-server=${HARBOR_HOST} \
                          --docker-username=${HARBOR_USERNAME} \
                          --docker-password=${HARBOR_PASSWORD} \
                          --docker-email=admin@hfln.local \
                          -n ${params.NAMESPACE}

                        # 应用 Deployment + Service
                        cat <<EOF | kubectl apply -n ${params.NAMESPACE} -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ${PROJECT_NAME}
spec:
  replicas: 2
  selector:
    matchLabels:
      app: ${PROJECT_NAME}
  template:
    metadata:
      labels:
        app: ${PROJECT_NAME}
    spec:
      containers:
      - name: ${PROJECT_NAME}
        image: ${imageTag}
        ports:
        - containerPort: 8080
        env:
        - name: SPRING_PROFILES_ACTIVE
          value: "${params.env}"
      imagePullSecrets:
      - name: harbor-secret
---
apiVersion: v1
kind: Service
metadata:
  name: ${PROJECT_NAME}
spec:
  selector:
    app: ${PROJECT_NAME}
  type: NodePort
  ports:
  - port: 80
    targetPort: 8080
    nodePort: 30085
EOF
                    """
                    echo ">>> ✅ 部署成功，服务地址：http://<任意NodeIP>:30085/"
                }
            }
        }
    }

    post {
        success {
            echo "🎉 构建 & 部署成功 ✅"
            script {
                // 清理本地旧镜像，仅保留最近3个
                sh """
                    docker images --format '{{.Repository}}:{{.Tag}} {{.CreatedAt}}' | \
                    grep '${HARBOR_HOST}/${params.env}/${PROJECT_NAME}:' | \
                    sort -rk2 | \
                    tail -n +4 | \
                    awk '{print \$1}' | xargs -r docker rmi || true
                """
            }
        }
        failure {
            echo "❌ 构建或部署失败，请检查日志。"
        }
        always {
            echo "🧼 清理 Jenkins 工作区..."
            cleanWs()
        }
    }
}