name: "Setup authentik testing environment"
description: "Setup authentik testing environment"

inputs:
  dependencies:
    description: "List of dependencies to setup"
    default: "system,python,rust,node,go,runtime"
  postgresql_version:
    description: "Optional postgresql image tag"
    default: "16"
  working-directory:
    description: |
      Optional working directory if this repo isn't in the root of the actions workspace.
      When set, needs to contain a trailing slash
    default: ""

runs:
  using: "composite"
  steps:
    - name: Cleanup apt
      if: ${{ contains(inputs.dependencies, 'system') || contains(inputs.dependencies, 'python') }}
      shell: bash
      run: sudo apt-get remove --purge man-db
    - name: Install apt deps
      if: ${{ contains(inputs.dependencies, 'system') || contains(inputs.dependencies, 'python') }}
      uses: gerlero/apt-install@f4fa5265092af9e750549565d28c99aec7189639
      with:
        packages: libpq-dev openssl libxmlsec1-dev pkg-config gettext krb5-multidev libkrb5-dev heimdal-multidev libclang-dev krb5-kdc krb5-user krb5-admin-server
        update: true
        upgrade: false
        install-recommends: false
    - name: Make space on disk
      if: ${{ contains(inputs.dependencies, 'system') || contains(inputs.dependencies, 'python') }}
      shell: bash
      run: |
        sudo mkdir -p /tmp/empty/
        sudo rsync -a --delete /tmp/empty/ /usr/local/lib/android/
    - name: Install uv
      if: ${{ contains(inputs.dependencies, 'python') }}
      uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v5
      with:
        enable-cache: true
    - name: Setup python
      if: ${{ contains(inputs.dependencies, 'python') }}
      uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v5
      with:
        python-version-file: "${{ inputs.working-directory }}pyproject.toml"
    - name: Install Python deps
      if: ${{ contains(inputs.dependencies, 'python') }}
      shell: bash
      working-directory: ${{ inputs.working-directory }}
      run: uv sync --all-extras --dev --frozen
    - name: Setup rust (stable)
      if: ${{ contains(inputs.dependencies, 'rust') && !contains(inputs.dependencies, 'rust-nightly') }}
      uses: actions-rust-lang/setup-rust-toolchain@2b1f5e9b395427c92ee4e3331786ca3c37afe2d7 # v1
      with:
        rustflags: ""
    - name: Setup rust (nightly)
      if: ${{ contains(inputs.dependencies, 'rust-nightly') }}
      uses: actions-rust-lang/setup-rust-toolchain@2b1f5e9b395427c92ee4e3331786ca3c37afe2d7 # v1
      with:
        toolchain: nightly
        components: rustfmt
        rustflags: ""
    - name: Setup rust dependencies
      if: ${{ contains(inputs.dependencies, 'rust') }}
      uses: taiki-e/install-action@58e862542551f667fa44c8a2a4a1d64ad477c96a # v2
      with:
        tool: cargo-deny cargo-machete cargo-llvm-cov nextest
    - name: Setup node (web)
      if: ${{ contains(inputs.dependencies, 'node') }}
      uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v4
      with:
        node-version-file: "${{ inputs.working-directory }}web/package.json"
        cache: "npm"
        cache-dependency-path: "${{ inputs.working-directory }}web/package-lock.json"
        registry-url: "https://registry.npmjs.org"
    - name: Setup node (root)
      if: ${{ contains(inputs.dependencies, 'node') }}
      uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v4
      with:
        node-version-file: "${{ inputs.working-directory }}package.json"
        cache: "npm"
        cache-dependency-path: "${{ inputs.working-directory }}package-lock.json"
        registry-url: "https://registry.npmjs.org"
    - name: Install Node deps
      if: ${{ contains(inputs.dependencies, 'node') }}
      shell: bash
      working-directory: ${{ inputs.working-directory }}
      run: npm ci
    - name: Setup go
      if: ${{ contains(inputs.dependencies, 'go') }}
      uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v5
      with:
        go-version-file: "${{ inputs.working-directory }}go.mod"
    - name: Setup docker cache
      if: ${{ contains(inputs.dependencies, 'runtime') }}
      uses: AndreKurait/docker-cache@0fe76702a40db986d9663c24954fc14c6a6031b7
      with:
        key: docker-images-${{ runner.os }}-${{ hashFiles('.github/actions/setup/compose.yml', 'Makefile') }}-${{ inputs.postgresql_version }}
    - name: Setup dependencies
      if: ${{ contains(inputs.dependencies, 'runtime') }}
      shell: bash
      working-directory: ${{ inputs.working-directory }}
      run: |
        export PSQL_TAG=${{ inputs.postgresql_version }}
        docker compose -f .github/actions/setup/compose.yml up -d
        cd web && npm ci
    - name: Generate config
      if: ${{ contains(inputs.dependencies, 'python') }}
      shell: uv run python {0}
      working-directory: ${{ inputs.working-directory }}
      run: |
        from authentik.lib.generators import generate_id
        from yaml import safe_dump

        with open("local.env.yml", "w") as _config:
            safe_dump(
                {
                    "log_level": "debug",
                    "secret_key": generate_id(),
                },
                _config,
                default_flow_style=False,
            )