#!/bin/bash
# SPDX-License-Identifier: GPL-3.0-or-later
#
# Testinfra post-install validation sweep (runs on the host, over SSH).
#
# P1 status: advisory. This runs alongside the shell sweep (run_all_validations)
# so a real VM run can diff the two and prove parity before pytest becomes the
# primary validator (P3 cutover). It never sets the run's pass/fail here.
#
# Auth: a throwaway ed25519 keypair is generated per run, its pubkey authorized
# in the VM over the existing sshpass channel, and pytest/testinfra connects
# key-only via a generated ssh-config. The keypair lives in the results dir and
# is discarded with it.
#
# Uses globals from run-test.sh / vm-utils.sh: SCRIPT_DIR, VM_IP, SSH_PORT,
# ROOT_PASSWORD, ARCHSETUP_VM_CONF. Toggle with RUN_TESTINFRA=false.

# run_testinfra_validation <results_dir>
run_testinfra_validation() {
    local results_dir="$1"
    local tests_dir="$SCRIPT_DIR/tests"
    local key="$results_dir/testinfra_key"
    local sshcfg="$results_dir/testinfra_ssh_config"

    if [ "${RUN_TESTINFRA:-true}" != "true" ]; then
        return 0
    fi
    if ! command -v pytest >/dev/null 2>&1 || ! python3 -c 'import testinfra' >/dev/null 2>&1; then
        warn "Testinfra/pytest not installed on host - skipping pytest sweep (run: make deps)"
        return 0
    fi

    step "Running Testinfra validation sweep (advisory)"

    # Prefer the root key the harness already authorized (inject_root_key). It
    # survives the sshd prohibit-password hardening, so reuse it rather than
    # authorizing a second key. Fall back to minting our own for standalone use.
    if [ -n "${ROOT_SSH_KEY:-}" ] && [ -f "${ROOT_SSH_KEY}" ]; then
        key="$ROOT_SSH_KEY"
    else
        rm -f "$key" "$key.pub"
        if ! ssh-keygen -t ed25519 -N "" -q -f "$key"; then
            warn "testinfra: ssh-keygen failed - skipping"
            return 0
        fi
        if ! copy_to_vm "$key.pub" "/tmp/testinfra_key.pub" "$ROOT_PASSWORD"; then
            warn "testinfra: pubkey copy failed - skipping"
            return 0
        fi
        if ! vm_exec "$ROOT_PASSWORD" \
            "mkdir -p /root/.ssh && chmod 700 /root/.ssh && cat /tmp/testinfra_key.pub >> /root/.ssh/authorized_keys && chmod 600 /root/.ssh/authorized_keys"; then
            warn "testinfra: authorizing key in VM failed - skipping"
            return 0
        fi
    fi

    # ssh-config so testinfra connects key-only, no host-key prompt.
    cat > "$sshcfg" <<EOF
Host testinfra-target
    HostName ${VM_IP:-localhost}
    Port ${SSH_PORT:-2222}
    User root
    IdentityFile $key
    IdentitiesOnly yes
    StrictHostKeyChecking no
    UserKnownHostsFile /dev/null
EOF

    # The account archsetup created, for the tests that need it.
    local test_user
    test_user=$(sed -n 's/^USERNAME=//p' "$ARCHSETUP_VM_CONF" 2>/dev/null | head -n1)
    : "${test_user:=cjennings}"

    ARCHSETUP_TEST_USER="$test_user" pytest "$tests_dir" \
        --hosts="ssh://testinfra-target" \
        --ssh-config="$sshcfg" \
        --attribution-file="$results_dir/testinfra-attribution.txt" \
        -v >> "$results_dir/testinfra.log" 2>&1
    local rc=$?

    if [ "$rc" -eq 0 ]; then
        success "Testinfra sweep passed (advisory; see testinfra.log)"
    else
        warn "Testinfra sweep reported failures (advisory; see testinfra.log + testinfra-attribution.txt)"
    fi
    return 0
}