name: CI

on:
  workflow_call:
    inputs:
      k8s_dir:
        description: "Path to Kubernetes manifests directory"
        required: false
        default: "k8s/"
        type: string
      helmfile_path:
        description: "Path to helmfile.yaml"
        required: false
        default: "helmfile.yaml"
        type: string
      skip_helm_validation:
        description: "Skip Helm validation even if helmfile.yaml exists"
        required: false
        default: false
        type: boolean
      helmfile_env:
        description: "Optional JSON object string of environment variables for Helmfile"
        required: false
        default: "{}"
        type: string
    outputs:
      has_k8s:
        description: "Whether Kubernetes manifests were detected"
        value: ${{ jobs.summary-data.outputs.has_k8s }}
      has_helmfile:
        description: "Whether helmfile.yaml was detected"
        value: ${{ jobs.summary-data.outputs.has_helmfile }}
      skip_helm_validation:
        description: "Whether Helm validation was manually skipped"
        value: ${{ jobs.summary-data.outputs.skip_helm_validation }}
      service_type:
        description: "Service type inferred from repository contents"
        value: ${{ jobs.summary-data.outputs.service_type }}

jobs:
  detect-service-type:
    runs-on: ubuntu-latest
    outputs:
      has_helmfile: ${{ steps.check-helmfile.outputs.exists }}
      has_k8s: ${{ steps.check-k8s.outputs.exists }}
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - name: Check if helmfile.yaml exists
        id: check-helmfile
        run: |
          if [ -f "${{ inputs.helmfile_path }}" ]; then
            echo "exists=true" >> $GITHUB_OUTPUT
            echo "Found helmfile.yaml at ${{ inputs.helmfile_path }}"
          else
            echo "exists=false" >> $GITHUB_OUTPUT
            echo "No helmfile.yaml found at ${{ inputs.helmfile_path }}"
          fi
      - name: Check if k8s directory exists
        id: check-k8s
        run: |
          if [ -d "${{ inputs.k8s_dir }}" ]; then
            echo "exists=true" >> $GITHUB_OUTPUT
            echo "Found k8s directory at ${{ inputs.k8s_dir }}"
          else
            echo "exists=false" >> $GITHUB_OUTPUT
            echo "No k8s directory found at ${{ inputs.k8s_dir }}"
          fi

  validate-k8s:
    runs-on: ubuntu-latest
    needs: detect-service-type
    if: needs.detect-service-type.outputs.has_k8s == 'true'
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - uses: https://gitea.t000-n.de/t.behrendt/k_deploy_actions/.gitea/actions/extract-namespace-from-repo-name@0.0.1
        id: namespace
        with:
          repo: ${{ github.repository }}
      - uses: azure/setup-kubectl@829323503d1be3d00ca8346e5391ca0b07a9ab0d # v5.1.0
      - uses: azure/k8s-set-context@89b837d75b40a7bd2ddafde837473c212db8b313 # v5.0.0
        with:
          method: kubeconfig
          kubeconfig: ${{ secrets.KUBECONFIG }}
      - name: Validate k8s manifests
        uses: azure/k8s-lint@6aefe5066f95e73d2b140d8835cc95583b886989 # v3.0.1
        with:
          namespace: ${{ steps.namespace.outputs.namespace }}
          lintType: dryrun
          manifests: "${{ inputs.k8s_dir }}"

  validate-helm:
    runs-on: ubuntu-latest
    needs: detect-service-type
    if: |
      needs.detect-service-type.outputs.has_helmfile == 'true' && 
      needs.detect-service-type.outputs.has_k8s == 'true' && 
      inputs.skip_helm_validation != 'true'
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
      - uses: https://gitea.t000-n.de/t.behrendt/k_deploy_actions/.gitea/actions/extract-namespace-from-repo-name@0.0.1
        id: namespace
        with:
          repo: ${{ github.repository }}
      - uses: azure/setup-kubectl@829323503d1be3d00ca8346e5391ca0b07a9ab0d # v5.1.0
      - uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5
      - uses: azure/k8s-set-context@89b837d75b40a7bd2ddafde837473c212db8b313 # v5.0.0
        with:
          method: kubeconfig
          kubeconfig: ${{ secrets.KUBECONFIG }}
      - name: Validate Helm
        uses: helmfile/helmfile-action@02671705b1dda1dc4b0a4ddd4f9f1ea8f4568c6f # v2.4.3
        with:
          helmfile-args: diff
        env: ${{ fromJSON(inputs.helmfile_env) }}

  summary-data:
    runs-on: ubuntu-latest
    needs: [detect-service-type, validate-k8s, validate-helm]
    if: always()
    outputs:
      has_k8s: ${{ steps.export.outputs.has_k8s }}
      has_helmfile: ${{ steps.export.outputs.has_helmfile }}
      skip_helm_validation: ${{ steps.export.outputs.skip_helm_validation }}
      service_type: ${{ steps.export.outputs.service_type }}
    steps:
      - name: Export summary data
        id: export
        run: |
          has_k8s="${{ needs.detect-service-type.outputs.has_k8s }}"
          has_helmfile="${{ needs.detect-service-type.outputs.has_helmfile }}"
          skip_helm_validation="${{ inputs.skip_helm_validation }}"

          if [ "$has_helmfile" = "true" ]; then
            service_type="Helm + Kubernetes"
          else
            service_type="Kubernetes Only"
          fi

          echo "has_k8s=$has_k8s" >> "$GITHUB_OUTPUT"
          echo "has_helmfile=$has_helmfile" >> "$GITHUB_OUTPUT"
          echo "skip_helm_validation=$skip_helm_validation" >> "$GITHUB_OUTPUT"
          echo "service_type=$service_type" >> "$GITHUB_OUTPUT"