name: Build using Docker

on:
  push:
    branches: ["dev", "candidate", "release", "ci-experiments"]
  pull_request:
    branches: ["dev", "candidate", "release", "ci-experiments"]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

env:
  DEBUG_BUILD_CONTAINERS_AFTER_CLEANUP: 1

jobs:
  checkout:
    runs-on: [self-hosted, vanity]
    outputs:
      checkout_path: ${{ steps.vars.outputs.checkout_path }}
    steps:
      - name: Prepare checkout path
        id: vars
        run: |
          SAFE_BRANCH=$(echo "${{ github.ref_name }}" | sed -e 's/[^a-zA-Z0-9._-]/-/g')
          CHECKOUT_PATH="${SAFE_BRANCH}-${{ github.sha }}"
          echo "checkout_path=${CHECKOUT_PATH}" >> "$GITHUB_OUTPUT"

      - uses: actions/checkout@v4
        with:
          path: ${{ steps.vars.outputs.checkout_path }}
          clean: true
          fetch-depth: 2 # Only get the last 2 commits, to avoid fetching all history

  checkpatterns:
    runs-on: [self-hosted, vanity]
    needs: checkout
    defaults:
      run:
        working-directory: ${{ needs.checkout.outputs.checkout_path }}
    steps:
      - name: Check for suspicious patterns
        run: /bin/bash suspicious_patterns.sh

  build:
    runs-on: [self-hosted, vanity]
    needs: [checkpatterns, checkout]
    defaults:
      run:
        working-directory: ${{ needs.checkout.outputs.checkout_path }}
    steps:
      - name: Install Python & pipx
        run: |
          sudo apt update && sudo apt install -y python3 python3-pip pipx python-is-python3

      - name: Install Conan
        run: |
          pipx install "conan<2.0"
          /root/.local/bin/conan --version # PATH doesn't seem to be set correctly

      - name: Setup network and Gitea
        run: |
          # Create network for container communication (idempotent)
          docker network create conan-net 2>/dev/null || true
          
          # Setup Gitea
          PATH="/root/.local/bin:$PATH" python .ci/gitea.py setup --debug

          # Connect Gitea to the network (idempotent)
          docker network connect conan-net gitea-conan-persistent 2>/dev/null || true
          
          # Verify it's connected
          docker inspect gitea-conan-persistent -f '{{range $net,$v := .NetworkSettings.Networks}}{{$net}} {{end}}'

#      - name: Test Gitea from build container
#        run: |
#          # Show conan-net details
#          echo "=== Docker network 'conan-net' details ==="
#          docker network inspect conan-net
#
#          # Show what networks Gitea is connected to
#          echo "=== Gitea container networks ==="
#          docker inspect gitea-conan-persistent -f '{{json .NetworkSettings.Networks}}' | python -m json.tool
#
#          # Check if DNS resolution works without adding to conan-net
#          docker run --rm alpine nslookup gitea-conan-persistent || echo "⚠️ DNS resolution failed without conan-net"
#
#          docker run --rm --network conan-net alpine sh -c "
#            # First verify connectivity works
#            apk add --no-cache curl >/dev/null 2>&1
#            echo 'Testing DNS resolution...'
#            nslookup gitea-conan-persistent
#            echo 'Testing HTTP connection...'
#            curl -s http://gitea-conan-persistent:3000 | head -n1
#          "
#          docker run --rm --network conan-net conanio/gcc11 bash -xec "
#            # Configure Conan using the resolved IP
#            conan remote add gitea-local http://gitea-conan-persistent:3000/api/packages/conan/conan
#            conan user -p conan-pass-2024 -r gitea-local conan
#
#            # Enable revisions to match the server expectation
#            conan config set general.revisions_enabled=1
#
#            # Test package upload/download
#            conan install zlib/1.3.1@ --build=zlib
#            conan upload 'zlib/*' --all -r gitea-local --confirm
#            conan remove 'zlib/*' -f
#            conan install zlib/1.3.1@ -r gitea-local
#            echo '✅ Container-to-container test successful!'#      - name: Build using Docker
#          "
#        run: /bin/bash release-builder.sh
#
#      - name: Stop Container (Cleanup)
#        if: always()
#        run: |
#          echo "Running cleanup script: $JOB_CLEANUP_SCRIPT"
#          /bin/bash -e -x "$JOB_CLEANUP_SCRIPT"
#          CLEANUP_EXIT_CODE=$?
#
#          if [[ "$CLEANUP_EXIT_CODE" -eq 0 ]]; then
#            echo "Cleanup script succeeded."
#            rm -f "$JOB_CLEANUP_SCRIPT"
#            echo "Cleanup script removed."
#          else
#            echo "⚠️ Cleanup script failed! Keeping for debugging: $JOB_CLEANUP_SCRIPT"
#          fi
#
#          if [[ "${DEBUG_BUILD_CONTAINERS_AFTER_CLEANUP}" == "1" ]]; then
#            echo "🔍 Checking for leftover containers..."
#            BUILD_CONTAINERS=$(docker ps --format '{{.Names}}' | grep '^xahaud_cached_builder' || echo "")
#
#            if [[ -n "$BUILD_CONTAINERS" ]]; then
#              echo "⚠️ WARNING: Some build containers are still running"
#              echo "$BUILD_CONTAINERS"
#            else
#              echo "✅ No build containers found"
#            fi
#          fi

  tests:
    runs-on: [self-hosted, vanity]
    needs: [build, checkout]
    defaults:
      run:
        working-directory: ${{ needs.checkout.outputs.checkout_path }}
    steps:
      - name: Unit tests
        run: PATH="/root/.local/bin:$PATH" python .ci/gitea.py test --debug

  cleanup:
    runs-on: [self-hosted, vanity]
    needs: [tests, checkout]
    if: always()
    steps:
      - name: Cleanup workspace
        run: |
          CHECKOUT_PATH="${{ needs.checkout.outputs.checkout_path }}"
          PATH="/root/.local/bin:$PATH" python "${CHECKOUT_PATH}/.ci/gitea.py" teardown --debug
          echo "Cleaning workspace for ${CHECKOUT_PATH}"
          rm -rf "${{ github.workspace }}/${CHECKOUT_PATH}"