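---
# CI workflow: lints the Ansible playbooks, tests and lints the Python
# migration framework, validates the Docker Compose stack, runs a Trivy
# filesystem scan, checks documentation, then runs an integration test.
#
# NOTE(review): every `uses:` below references a mutable tag or branch
# (`@v3`, `@v4`, `@v2`, `@master`). Pinning each action to a full commit SHA
# (e.g. `owner/action@<FULL_COMMIT_SHA>`) keeps a retagged or compromised
# upstream from changing what runs here. The `pip install` / `npm install`
# steps are likewise unpinned; consider version constraints or a lock file.
name: CI Pipeline

on:
  push:
    branches: [main, develop]
  pull_request:
    branches: [main]

# Least privilege: the workflow token is read-only unless a job widens it.
permissions:
  contents: read

jobs:
  lint-ansible:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install Ansible Lint
        run: pip install ansible-lint
      - name: Lint Ansible Playbooks
        run: |
          cd enterprise-infra-simulator
          ansible-lint playbooks/*.yml
      - name: Check Ansible Syntax
        run: |
          cd enterprise-infra-simulator
          ansible-playbook --syntax-check playbooks/*.yml

  test-python:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.8'
      - name: Install Dependencies
        run: |
          cd migration-validation-framework
          pip install -r requirements.txt
      - name: Run Python Tests
        run: |
          cd migration-validation-framework
          python -m pytest tests/ -v --cov=. --cov-report=xml
      - name: Lint Python Code
        run: |
          pip install flake8 black isort
          cd migration-validation-framework
          flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
          black --check .
          isort --check-only .

  validate-docker:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Validate Docker Compose
        run: |
          cd observability-stack
          docker-compose config
      - name: Check Docker Images
        run: |
          cd observability-stack
          docker-compose pull --quiet

  security-scan:
    runs-on: ubuntu-latest
    # Only this job may write code scanning results; everything else stays
    # read-only. NOTE(review): on pull requests from forks the token is
    # read-only regardless, so the upload step may fail there - confirm
    # whether fork PRs need separate handling.
    permissions:
      contents: read
      security-events: write
    steps:
      - uses: actions/checkout@v3
      - name: Run Trivy vulnerability scanner
        # NOTE(review): `@master` is a moving branch, so whatever lands
        # upstream runs in this job. Pin to a release commit:
        # aquasecurity/trivy-action@<FULL_COMMIT_SHA>
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: 'fs'
          scan-ref: '.'
          format: 'sarif'
          output: 'trivy-results.sarif'
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        # Upload even when the scan step fails so findings are not lost.
        if: always()
        with:
          sarif_file: 'trivy-results.sarif'

  documentation:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Install Documentation Tools
        # No other step in this job installs these tools.
        run: |
          npm install -g markdown-link-check
          pip install yamllint
      - name: Check Documentation
        run: |
          # Check for broken links in README files.
          # `find -exec ... \;` discards the command's exit status, so a
          # failed check would still pass the step; xargs propagates it.
          find . -name "README.md" -print0 \
            | xargs -0 -r -n 1 markdown-link-check
          # Validate YAML files
          find . \( -name "*.yml" -o -name "*.yaml" \) -print0 \
            | xargs -0 -r -n 1 yamllint

  integration-test:
    runs-on: ubuntu-latest
    needs: [lint-ansible, test-python, validate-docker]
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.8'
      - name: Install Dependencies
        run: |
          pip install ansible docker-compose
      - name: Run Integration Tests
        run: |
          # Start infrastructure simulator
          cd enterprise-infra-simulator
          make up
          sleep 30
          # Run basic validation
          ansible -i inventory/hosts.ini all -m ping
          # Test migration framework
          cd ../migration-validation-framework
          python cli.py --help
          # Validate observability stack
          cd ../observability-stack
          docker-compose config
      - name: Cleanup
        # Separate step so teardown still runs when a check above fails.
        if: always()
        run: |
          cd enterprise-infra-simulator
          make destroy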