#!/usr/bin/env bash
set -euo pipefail

ROOT_DIR="$(git rev-parse --show-toplevel)"
DEFAULT_LOG_ROOT="${ROOT_DIR}/logs/rootpack_ru_$(date -u +%Y%m%dT%H%M%SZ)"
LOG_ROOT="${ROOTPACK_LOG_DIR:-$DEFAULT_LOG_ROOT}"
ALLOW_PARTIAL="${ALLOW_PARTIAL:-1}"
mkdir -p "$LOG_ROOT"

PROJECTS=(
    "src/__Libraries/__Tests/StellaOps.Cryptography.Tests/StellaOps.Cryptography.Tests.csproj"
    "src/Scanner/__Tests/StellaOps.Scanner.Worker.Tests/StellaOps.Scanner.Worker.Tests.csproj"
    "src/Scanner/__Tests/StellaOps.Scanner.Sbomer.BuildXPlugin.Tests/StellaOps.Scanner.Sbomer.BuildXPlugin.Tests.csproj"
)
if [ "${RUN_SCANNER:-1}" != "1" ]; then
    PROJECTS=("${PROJECTS[0]}")
    echo "[rootpack-ru] RUN_SCANNER=0 set; skipping scanner test suites"
fi

run_test() {
    local project="$1"
    local extra_props=""

    if [ "${STELLAOPS_ENABLE_CRYPTO_PRO:-""}" = "1" ]; then
        extra_props+=" /p:StellaOpsEnableCryptoPro=true"
    fi

    if [ "${STELLAOPS_ENABLE_PKCS11:-""}" = "1" ]; then
        extra_props+=" /p:StellaOpsEnablePkcs11=true"
    fi
    local safe_name
    safe_name="$(basename "${project%.csproj}")"
    local log_file="${LOG_ROOT}/${safe_name}.log"
    local trx_name="${safe_name}.trx"

    echo "[rootpack-ru] Running tests for ${project}" | tee "$log_file"
    dotnet test "$project" \
        --nologo \
        --verbosity minimal \
        --results-directory "$LOG_ROOT" \
        --logger "trx;LogFileName=${trx_name}" ${extra_props} | tee -a "$log_file"
}

PROJECT_SUMMARY=()
for project in "${PROJECTS[@]}"; do
    safe_name="$(basename "${project%.csproj}")"
        if run_test "$project"; then
            PROJECT_SUMMARY+=("$project|$safe_name|PASS")
            echo "[rootpack-ru] Wrote logs for ${project} -> ${LOG_ROOT}/${safe_name}.log"
        else
            PROJECT_SUMMARY+=("$project|$safe_name|FAIL")
            echo "[rootpack-ru] Test run failed for ${project}; see ${LOG_ROOT}/${safe_name}.log"
            if [ "${ALLOW_PARTIAL}" != "1" ]; then
                echo "[rootpack-ru] ALLOW_PARTIAL=0; aborting harness."
                exit 1
            fi
        fi
    done

GOST_SUMMARY="skipped (docker not available)"
if [ "${RUN_GOST_VALIDATION:-1}" = "1" ]; then
    if command -v docker >/dev/null 2>&1; then
        echo "[rootpack-ru] Running OpenSSL GOST validation harness"
        OPENSSL_GOST_LOG_DIR="${LOG_ROOT}/openssl_gost"
        if OPENSSL_GOST_LOG_DIR="${OPENSSL_GOST_LOG_DIR}" bash "${ROOT_DIR}/scripts/crypto/validate-openssl-gost.sh"; then
            if [ -d "${OPENSSL_GOST_LOG_DIR}" ] && [ -f "${OPENSSL_GOST_LOG_DIR}/summary.txt" ]; then
                GOST_SUMMARY="$(cat "${OPENSSL_GOST_LOG_DIR}/summary.txt")"
            else
                GOST_SUMMARY="completed (see logs/openssl_gost_validation_*)"
            fi
        else
            GOST_SUMMARY="failed (see logs/openssl_gost_validation_*)"
        fi
    else
        echo "[rootpack-ru] Docker not available; skipping OpenSSL GOST validation."
    fi
fi

{
    echo "RootPack_RU deterministic test harness"
    echo "Generated: $(date -u +%Y-%m-%dT%H:%M:%SZ)"
    echo "Log Directory: $LOG_ROOT"
    echo ""
    echo "Projects:"
    for entry in "${PROJECT_SUMMARY[@]}"; do
        project_path="${entry%%|*}"
        rest="${entry#*|}"
        safe_name="${rest%%|*}"
        status="${rest##*|}"
        printf ' - %s (log: %s.log, trx: %s.trx) [%s]\n' "$project_path" "$safe_name" "$safe_name" "$status"
    done
    echo ""
    echo "GOST validation: ${GOST_SUMMARY}"
} > "$LOG_ROOT/README.tests"

echo "Logs and TRX files available under $LOG_ROOT"