on: pull_request
jobs:
  k8s-test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install Docker CLI, kind, and kubectl
        run: |
          # Install Docker CLI (to talk to the host daemon via the mounted socket)
          apt-get update && apt-get install -y docker.io jq

          # Install kind
          curl -Lo /usr/local/bin/kind https://kind.sigs.k8s.io/dl/v0.24.0/kind-linux-amd64
          chmod +x /usr/local/bin/kind

          # Install kubectl
          curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
          install kubectl /usr/local/bin/

      - name: Create kind cluster
        run: |
          docker inspect "$KIND_CONTAINER" || kind create cluster --name test-cluster --wait 5m

      - name: Connect kind to the job container's network and fix kubeconfig
        if: always()
        run: |
          # 1. Find the Docker network the job container is on
          #    The job container's hostname is the container ID
          JOB_CONTAINER_ID=$(hostname)
          NETWORK_NAME=$(docker inspect "$JOB_CONTAINER_ID" \
            --format '{{range $k, $v := .NetworkSettings.Networks}}{{$k}}{{end}}')
            
          echo "NETWORK_NAME=$NETWORK_NAME" >> $GITHUB_ENV

          echo "Job container network: $NETWORK_NAME"

          # 2. Get the kind control-plane container name
          KIND_CONTAINER="test-cluster-control-plane"

          echo "KIND_CONTAINER=$KIND_CONTAINER" >> $GITHUB_ENV

          # 3. Connect the kind container to the same network
          docker network connect "$NETWORK_NAME" "$KIND_CONTAINER"

          # 4. Get the kind container's IP on that network
          KIND_IP=$(docker inspect "$KIND_CONTAINER" \
            --format "{{(index .NetworkSettings.Networks \"$NETWORK_NAME\").IPAddress}}")

          echo "Kind container IP on shared network: $KIND_IP"

          # 5. Rewrite the kubeconfig to use the kind container's IP
          #    kind's API server listens on port 6443 inside the container
          kubectl config set-cluster kind-test-cluster \
            --server="https://${KIND_IP}:6443"

          # 6. Since the TLS cert won't match the new IP, use insecure mode
          #    OR set insecure-skip-tls-verify
          kubectl config set-cluster kind-test-cluster \
            --insecure-skip-tls-verify=true

      - name: Verify cluster access
        if: always()
        run: |
          kubectl cluster-info
          kubectl get nodes
          kubectl get pods -A
          
      - name: Disconnect Kind Network
        if: always()
        run: |
          docker network disconnect "$NETWORK_NAME" "$KIND_CONTAINER"