name: Auto-merge l10n PRs

on:
  pull_request:
    types: [opened, synchronize, labeled]

permissions:
  contents: write
  pull-requests: write

jobs:
  auto-merge:
    runs-on: ubuntu-latest
    if: contains(github.event.pull_request.labels.*.name, 'l10n')

    steps:
      - name: Validate PR author
        env:
          AUTHOR: ${{ github.event.pull_request.user.login }}
        run: |
          if [[
            "$AUTHOR" != "hay-kot" &&
            "$AUTHOR" != "github-actions[bot]" &&
            "$AUTHOR" != "mealie-actions[bot]"
          ]]; then
            echo "::error::PR author must be hay-kot, github-actions[bot], or mealie-actions[bot] for auto-merge (got: $AUTHOR)"
            exit 1
          fi
          echo "Author validated: $AUTHOR"

      - name: Validate PR size
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          ADDITIONS=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json additions --jq '.additions')
          DELETIONS=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json deletions --jq '.deletions')
          TOTAL=$((ADDITIONS + DELETIONS))

          echo "PR changes: +$ADDITIONS -$DELETIONS (total: $TOTAL lines)"

          if [ "$TOTAL" -gt 400 ]; then
            echo "::error::PR exceeds 400 line change limit ($TOTAL lines)"
            exit 1
          fi

      - name: Validate file paths
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          FILES=$(gh pr view "$PR_NUMBER" --repo "$REPO" --json files --jq '.files[].path')

          for file in $FILES; do
            # Check if file matches any allowed path
            if [[ "$file" == "frontend/composables/use-locales/available-locales.ts" ]] || \
               [[ "$file" =~ ^frontend/lang/ ]] || \
               [[ "$file" =~ ^mealie/repos/seed/resources/[^/]+/locales/ ]]; then
              continue
            fi

            # File doesn't match allowed paths
            echo "::error::Invalid file path: $file"
            echo "Only the following paths are allowed:"
            echo "  - frontend/composables/use-locales/available-locales.ts"
            echo "  - frontend/lang/"
            echo "  - mealie/repos/seed/resources/*/locales/"
            exit 1
          done

          echo "All files are in allowed paths"

      - name: Approve PR
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          APPROVED=$(gh pr view "$PR_NUMBER" \
            --repo "$REPO" \
            --json reviews \
            --jq '.reviews[] | select(.state == "APPROVED") | .id' \
            | wc -l)

          if [ "$APPROVED" -gt 0 ]; then
            echo "PR already approved"
            exit 0
          fi

          gh pr review "$PR_NUMBER" \
            --repo "$REPO" \
            --approve \
            --body "Auto-approved: l10n PR from trusted author with valid file paths"

      - name: Enable auto-merge
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
          REPO: ${{ github.repository }}
        run: |
          gh pr merge "$PR_NUMBER" \
            --repo "$REPO" \
            --auto \
            --squash