name: autofix

on:
  push:
  workflow_dispatch:

jobs:
  fix:
    runs-on: debian

    steps:
      - name: Nuclear fix - absolute path control
        run: |
          echo "=== AUTOFIX NUCLEAR FIX ==="
          echo "Current PWD: $(pwd)"
          echo "Forcing absolute workspace path..."
          
          # Clean and create absolute workspace
          rm -rf /opt/gitea-runner/workspace
          mkdir -p /opt/gitea-runner/workspace
          cd /opt/gitea-runner/workspace
          
          echo "Workspace PWD: $(pwd)"
          echo "Cloning repository..."
          git clone https://gitea.bubuit.net/oib/aitbc.git repo
          
          cd repo
          echo "Repo PWD: $(pwd)"
          echo "Files in repo:"
          ls -la
          
          echo "=== PROJECT TYPE CHECK ==="
          if [ -f "package.json" ]; then
            echo "✅ Node.js project detected!"
            echo "=== NPM INSTALL ==="
            npm install --legacy-peer-deps
            echo "✅ Auto-fixing vulnerabilities..."
            npm audit fix || true
          elif [ -f "pyproject.toml" ]; then
            echo "✅ Python project detected!"
            echo "=== PYTHON DEPENDENCIES ==="
            if command -v poetry >/dev/null 2>&1; then
              echo "Poetry found, installing dependencies..."
              poetry install
            else
              echo "Installing poetry..."
              pip install poetry
              poetry install
            fi
            echo "✅ Python dependencies installed!"
            echo "=== SECURITY FIXES ==="
            # Check for common Python security issues
            echo "Running safety check..."
            pip install safety
            safety check || echo "Safety check completed with warnings"
          else
            echo "❌ No supported project type found!"
            exit 1
          fi