name: Testing Infisical

on:
  push:
    branches:
      - development
      - staging
      - production

jobs:
  build:
    runs-on: k8s-runner-00
    env:
      REGISTRY: registry.staging
      IMAGE_NAME: ${{ gitea.repository }}
      IMAGE_TAG: ${{ gitea.sha }}
      BRANCH: ${{ gitea.ref_name }}
    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Load environment variables from Infisical
        env:
          INFISICAL_API_URL: "https://vault.bigdata.pens.ac.id"
          INFISICAL_TOKEN: "st.2bc8b1e3-44d3-43d0-9657-f9cb0a267c01.feab3bb260549fd3a1260e5ed07c2240.2dfe575eb8720426f90a3f80c3f3276e"
        run: |
          echo "🔍 Checking Infisical CLI..."
          if ! command -v infisical >/dev/null 2>&1; then
            echo "⚙️ Infisical CLI not found — installing..."
            curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.alpine.sh' | bash
            apk add infisical
          else
            echo "✅ Infisical CLI already installed."
          fi

          echo "🚀 Fetching secrets from Infisical..."
          infisical export --env=production > .env.production
          infisical export --env=development > .env.dev
          infisical export --env=staging > .env.staging
          
          ls -alth .

          cat .env.production
          cat .env.dev
          cat .env.staging