name: Setup Python Environment
description: Configure Python, proxies, dependencies, and optional database setup for CI jobs.
author: CalMiner Team
inputs:
  python-version:
    description: Python version to install.
    required: false
    default: '3.10'
  use-system-python:
    description: Skip setup-python and rely on the system Python already available in the environment.
    required: false
    default: 'false'
  install-playwright:
    description: Install Playwright browsers when true.
    required: false
    default: 'false'
  install-requirements:
    description: Space-delimited list of requirement files to install.
    required: false
    default: 'requirements.txt requirements-test.txt'
  run-db-setup:
    description: Run database wait and setup scripts when true.
    required: false
    default: 'true'
  db-dry-run:
    description: Execute setup script dry run before live run when true.
    required: false
    default: 'true'
runs:
  using: composite
  steps:
    - name: Set up Python
      if: ${{ inputs.use-system-python != 'true' }}
      uses: actions/setup-python@v5
      with:
        python-version: ${{ inputs.python-version }}

    - name: Verify system Python
      if: ${{ inputs.use-system-python == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        if ! command -v python >/dev/null 2>&1; then
          echo "Python executable not found on PATH" >&2
          exit 1
        fi
        python --version
        python -m pip --version >/dev/null 2>&1 || python -m ensurepip --upgrade
        python -m pip --version
    - name: Create virtual environment
      if: ${{ inputs.use-system-python == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        if [ -z "${RUNNER_TEMP:-}" ]; then
          echo "RUNNER_TEMP is not set; cannot create virtual environment" >&2
          exit 1
        fi
        VENV_PATH="$(mktemp -d "${RUNNER_TEMP%/}/ci-venv-XXXXXX")"
        python -m venv "${VENV_PATH}"
        PATH_ENTRY=""
        if [ -f "${VENV_PATH}/bin/activate" ]; then
          PATH_ENTRY="${VENV_PATH}/bin"
        elif [ -f "${VENV_PATH}/Scripts/activate" ]; then
          PATH_ENTRY="${VENV_PATH}/Scripts"
        else
          echo "Unable to locate virtual environment scripts" >&2
          exit 1
        fi
        export PATH="${PATH_ENTRY}:${PATH}"
        echo "${PATH_ENTRY}" >> "${GITHUB_PATH}"
        echo "VIRTUAL_ENV=${VENV_PATH}" >> "${GITHUB_ENV}"
        # Re-evaluate the python binary for subsequent steps
        python --version
        python -m pip --version
    - name: Configure apt proxy
      shell: bash
      run: |
        set -euo pipefail
        PROXY_HOST="http://apt-cacher:3142"
        if ! curl -fsS --connect-timeout 3 "${PROXY_HOST}" >/dev/null; then
          PROXY_HOST="http://192.168.88.14:3142"
        fi
        echo "Using APT proxy ${PROXY_HOST}"
        {
          echo "http_proxy=${PROXY_HOST}"
          echo "https_proxy=${PROXY_HOST}"
          echo "HTTP_PROXY=${PROXY_HOST}"
          echo "HTTPS_PROXY=${PROXY_HOST}"
        } >> "$GITHUB_ENV"
        if command -v sudo >/dev/null 2>&1; then
          printf 'Acquire::http::Proxy "%s";\nAcquire::https::Proxy "%s";\n' "${PROXY_HOST}" "${PROXY_HOST}" | sudo tee /etc/apt/apt.conf.d/01proxy >/dev/null
        elif [ "$(id -u)" -eq 0 ]; then
          printf 'Acquire::http::Proxy "%s";\nAcquire::https::Proxy "%s";\n' "${PROXY_HOST}" "${PROXY_HOST}" > /etc/apt/apt.conf.d/01proxy
        else
          echo "Skipping /etc/apt/apt.conf.d/01proxy update; sudo/root not available" >&2
        fi
    - name: Install dependencies
      shell: bash
      run: |
        set -euo pipefail
        requirements="${{ inputs.install-requirements }}"
        if [ -n "${requirements}" ]; then
          for requirement in ${requirements}; do
            if [ -f "${requirement}" ]; then
              python -m pip install -r "${requirement}"
            else
              echo "Requirement file ${requirement} not found" >&2
              exit 1
            fi
          done
        fi
    - name: Install Playwright browsers
      if: ${{ inputs.install-playwright == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        python -m playwright install --with-deps
    - name: Wait for database service
      if: ${{ inputs.run-db-setup == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        python - <<'PY'
        import os
        import time

        import psycopg2

        dsn = (
            f"dbname={os.environ['DATABASE_SUPERUSER_DB']} "
            f"user={os.environ['DATABASE_SUPERUSER']} "
            f"password={os.environ['DATABASE_SUPERUSER_PASSWORD']} "
            f"host={os.environ['DATABASE_HOST']} "
            f"port={os.environ['DATABASE_PORT']}"
        )

        for attempt in range(30):
            try:
                with psycopg2.connect(dsn):
                    break
            except psycopg2.OperationalError:
                time.sleep(2)
        else:
            raise SystemExit("Postgres service did not become available")
        PY
    - name: Run database setup (dry run)
      if: ${{ inputs.run-db-setup == 'true' && inputs.db-dry-run == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        python scripts/setup_database.py --ensure-database --ensure-role --ensure-schema --initialize-schema --run-migrations --seed-data --dry-run -v
    - name: Run database setup
      if: ${{ inputs.run-db-setup == 'true' }}
      shell: bash
      run: |
        set -euo pipefail
        python scripts/setup_database.py --ensure-database --ensure-role --ensure-schema --initialize-schema --run-migrations --seed-data -v