name: CI

on:
  push:
    branches: [main, staging]
  pull_request:
    branches: [main, staging]

concurrency:
  group: ci-${{ github.ref }}
  cancel-in-progress: false

jobs:
  test-build:
    name: Test and Build
    uses: ./.github/workflows/test-build.yml
    secrets: inherit

  # Build and push images (ECR for staging, ECR + GHCR for main)
  build-images:
    name: Build Images
    needs: test-build
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging')
    uses: ./.github/workflows/images.yml
    secrets: inherit
    permissions:
      contents: read
      packages: write
      id-token: write

  # Deploy Trigger.dev (after builds complete)
  trigger-deploy:
    name: Deploy Trigger.dev
    needs: build-images
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging')
    uses: ./.github/workflows/trigger-deploy.yml
    secrets: inherit

  # Run database migrations (depends on build completion and trigger deployment)
  migrations:
    name: Apply Database Migrations
    needs: [build-images, trigger-deploy]
    if: |
      always() &&
      github.event_name == 'push' &&
      (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging') &&
      needs.build-images.result == 'success' &&
      needs.trigger-deploy.result == 'success'
    uses: ./.github/workflows/migrations.yml
    secrets: inherit

  # Process docs embeddings if needed
  process-docs:
    name: Process Docs
    needs: migrations
    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/staging')
    uses: ./.github/workflows/docs-embeddings.yml
    secrets: inherit