name: test

on:
  push:
    branches:
      - main

jobs:
  test-default:
    runs-on: ubuntu-latest
    container:
      image: gitea/runner-images:ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4
      
      - name: Setup go
        uses: actions/setup-go@v5
        with:
          go-version-file: 'go.mod'

      - name: Setup Hashicorp Vault
        run: |
          wget -O - https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(grep -oP '(?<=UBUNTU_CODENAME=).*' /etc/os-release || lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
          apt-get update && apt-get -y install vault strace

      - name: Start Vault in background
        run: |
          # Start Vault server in background
          strace -ff vault server -dev -dev-root-token-id=root -dev-listen-address=0.0.0.0:8200 > vault.log 2>&1 &
          VAULT_PID=$!
          echo $VAULT_PID > vault.pid

          if ! vault status; then
            echo "Vault failed to start. Logs ($(wc -l vault.log) lines):"
            cat vault.log
            exit 1
          fi

          echo "Vault started successfully with PID: $VAULT_PID"

      - name: Vet
        run: go vet -v ./...

      - name: Test
        run: |
          VAULT_SKIP_VERIFY=${{vars.VAULT_SKIP_VERIFY}} \
          TEST_VAULT_VALUE="${{vars.TEST_VAULT_VALUE}}" \
          TEST_VAULT_KEY="${{vars.TEST_VAULT_KEY}}" \
          go test -v ./...

      - name: Stop Vault (always run)
        if: always()
        run: |
          if [ -f vault.pid ]; then
            kill $(cat vault.pid) 2>/dev/null || true
            rm -f vault.pid
          fi