name: Test Local Signing

on:
  workflow_dispatch:  # Manual trigger
  push:
    branches: [ozgur/build]

jobs:
  test-local-signing:
    runs-on: macos
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
        
      - name: Create Test Entitlements
        run: |
          echo "📝 Creating entitlements file..."
          cat > LuckyWorld.entitlements << EOF
          <?xml version="1.0" encoding="UTF-8"?>
          <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
          <plist version="1.0">
          <dict>
              <key>com.apple.security.cs.allow-jit</key>
              <true/>
              <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
              <true/>
              <key>com.apple.security.cs.disable-library-validation</key>
              <true/>
              <key>com.apple.security.cs.allow-dyld-environment-variables</key>
              <true/>
              <key>com.apple.security.device.audio-input</key>
              <true/>
              <key>com.apple.security.device.camera</key>
              <true/>
          </dict>
          </plist>
          EOF
          
          echo "✅ Created entitlements file"
          cat LuckyWorld.entitlements
        shell: bash
        
      - name: Create Test App Bundle
        run: |
          echo "📦 Creating test app bundle..."
          
          # Create test app bundle structure
          TEST_APP_DIR="TestApp.app"
          mkdir -p "$TEST_APP_DIR/Contents/MacOS"
          
          # Create a simple test executable
          echo '#!/bin/bash
          echo "Hello from TestApp!"' > "$TEST_APP_DIR/Contents/MacOS/TestApp"
          chmod +x "$TEST_APP_DIR/Contents/MacOS/TestApp"
          
          # Create Info.plist
          cat > "$TEST_APP_DIR/Contents/Info.plist" << EOF
          <?xml version="1.0" encoding="UTF-8"?>
          <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
          <plist version="1.0">
          <dict>
              <key>CFBundleExecutable</key>
              <string>TestApp</string>
              <key>CFBundleIdentifier</key>
              <string>com.luckyworld.testapp</string>
              <key>CFBundleName</key>
              <string>TestApp</string>
              <key>CFBundlePackageType</key>
              <string>APPL</string>
              <key>CFBundleShortVersionString</key>
              <string>1.0</string>
              <key>LSMinimumSystemVersion</key>
              <string>10.10</string>
          </dict>
          </plist>
          EOF
          
          echo "✅ Created test app bundle"
          echo "APP_PATH=$(pwd)/$TEST_APP_DIR" >> "$GITHUB_ENV"
        shell: bash
        
      - name: Sign and Notarize App
        uses: lando/code-sign-action@v3
        with:
          file: ${{ env.APP_PATH }}
          certificate-data: ${{ secrets.MACOS_CERTIFICATE }}
          certificate-password: ${{ secrets.MACOS_CERTIFICATE_PWD }}
          apple-team-id: ${{ secrets.APPLE_TEAM_ID }}
          apple-notary-user: ${{ secrets.APPLE_NOTARY_USER }}
          apple-notary-password: ${{ secrets.APPLE_NOTARY_PASSWORD }}
          apple-product-id: com.luckyworld.testapp
          options: --options runtime --entitlements LuckyWorld.entitlements
        
      - name: Cleanup
        if: always()
        run: |
          echo "🧹 Cleaning up..."
          rm -rf TestApp.app || true
          echo "✅ Cleanup complete"
        shell: bash