#!/bin/bash
set -euo pipefail

SCRIPT_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
REPO_ROOT=$(cd "${SCRIPT_DIR}/.." && pwd)

fail() {
    echo "FAIL: $*" >&2
    exit 1
}

test_preset_compose_uses_env_for_instance() {
    local file

    for file in \
        "${REPO_ROOT}/docker-runner/presets/standard-ubuntu-22/docker-compose.yml" \
        "${REPO_ROOT}/docker-runner/presets/buildx-ubuntu-22/docker-compose.yml" \
        "${REPO_ROOT}/docker-runner/presets/buildx-archlinux/docker-compose.yml"; do
        grep -q 'GITEA_INSTANCE=${GITEA_INSTANCE}' "${file}" || fail "${file} should read GITEA_INSTANCE from env"
        grep -q 'GITEA_TOKEN=${GITEA_TOKEN}' "${file}" || fail "${file} should read GITEA_TOKEN from env"
    done
}

test_workflows_do_not_hardcode_company_server() {
    ! rg -q 'https://git\.mytsl\.cn' "${REPO_ROOT}/.gitea/workflows/changelog_and_release.yml" || fail "changelog workflow should not hardcode company server"
    ! rg -q 'https://git\.mytsl\.cn' "${REPO_ROOT}/.gitea/workflows/update_stats_badge.yaml" || fail "stats workflow should not hardcode company server"
}

test_stats_workflow_uses_workflow_secret_consistently() {
    local file

    file="${REPO_ROOT}/.gitea/workflows/update_stats_badge.yaml"

    grep -q 'ACCESS_TOKEN: ${{ secrets.WORKFLOW }}' "${file}" || fail "stats workflow should read ACCESS_TOKEN from WORKFLOW secret"
    ! rg -q 'STATS_TOKEN' "${file}" || fail "stats workflow should not mention legacy STATS_TOKEN secret"
    ! rg -q 'GITHUB_TOKEN' "${file}" || fail "stats workflow should not mention GITHUB_TOKEN in token guidance"
}

test_preset_env_examples_exist() {
    local file

    for file in \
        "${REPO_ROOT}/docker-runner/presets/standard-ubuntu-22/.env.example" \
        "${REPO_ROOT}/docker-runner/presets/buildx-ubuntu-22/.env.example" \
        "${REPO_ROOT}/docker-runner/presets/buildx-archlinux/.env.example"; do
        test -f "${file}" || fail "missing env example: ${file}"
        grep -q '^GITEA_INSTANCE=https://git.mytsl.cn$' "${file}" || fail "${file} should include company default instance"
        grep -q '^GITEA_TOKEN=$' "${file}" || fail "${file} should include empty token placeholder"
    done
}

test_preset_compose_uses_env_for_instance
test_workflows_do_not_hardcode_company_server
test_stats_workflow_uses_workflow_secret_consistently
test_preset_env_examples_exist

echo "template_defaults_test.sh: PASS"