name: 📊 Monitor Workflow Performance

on:
  schedule:
    # Run every 6 hours
    - cron: '0 */6 * * *'
  workflow_dispatch:
    inputs:
      lookback_hours:
        description: 'Hours to look back for metrics'
        required: false
        default: '24'
        type: string

env:
  DEPLOYMENT_HOST: 94.16.110.151

jobs:
  monitor:
    name: Monitor Workflow Performance
    runs-on: php-ci
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 1

      - name: Setup SSH key
        run: |
          mkdir -p ~/.ssh
          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/production
          chmod 600 ~/.ssh/production
          ssh-keyscan -H ${{ env.DEPLOYMENT_HOST }} >> ~/.ssh/known_hosts

      - name: Create Ansible Vault password file
        run: |
          if [ -n "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" ]; then
            echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > /tmp/vault_pass
            chmod 600 /tmp/vault_pass
            echo "✅ Vault password file created"
          else
            echo "⚠️  ANSIBLE_VAULT_PASSWORD secret not set, using empty password file"
            touch /tmp/vault_pass
            chmod 600 /tmp/vault_pass
          fi

      - name: Run performance monitoring
        run: |
          cd /workspace/repo/deployment/ansible
          ansible-playbook -i inventory/production.yml \
            playbooks/monitor-workflow-performance.yml \
            -e "monitoring_lookback_hours=${{ github.event.inputs.lookback_hours || '24' }}" \
            --vault-password-file /tmp/vault_pass \
            --private-key ~/.ssh/production

      - name: Collect metrics files
        run: |
          ssh -i ~/.ssh/production deploy@${{ env.DEPLOYMENT_HOST }} \
            "find /home/deploy/monitoring/workflow-metrics -name 'workflow_metrics_*.json' -mtime -1 -exec cat {} \; | jq -s '.'" \
            > /tmp/combined_metrics.json || echo "[]" > /tmp/combined_metrics.json

      - name: Display metrics summary
        run: |
          if [ -f /tmp/combined_metrics.json ] && [ -s /tmp/combined_metrics.json ]; then
            echo "📊 Performance Metrics Summary:"
            echo "=================================="
            cat /tmp/combined_metrics.json | jq -r '
              .[] | 
              "Timestamp: \(.timestamp)",
              "System Load: \(.system_metrics.load_average)",
              "CPU Usage: \(.system_metrics.cpu_usage_percent)%",
              "Memory: \(.system_metrics.memory_usage)",
              "Gitea Runner: \(.gitea_metrics.runner_status)",
              "Gitea API Response: \(.gitea_metrics.api_response_time_ms)ms",
              "Workflow Log Entries: \(.gitea_metrics.workflow_log_entries_last_24h)",
              "---"
            ' || echo "⚠️  Could not parse metrics"
          else
            echo "⚠️  No metrics collected"
          fi

      - name: Upload metrics as artifact
        uses: actions/upload-artifact@v4
        with:
          name: workflow-metrics
          path: /tmp/combined_metrics.json
          retention-days: 30
        if: always()