name: Brain CI

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

jobs:
  lint-and-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.10'

      - name: Python syntax check (hooks)
        run: |
          for f in user-level-files/hooks/*.py; do
            python -m py_compile "$f"
          done

      - name: Install jq
        run: sudo apt-get install -y jq

      - name: Validate JSON files
        run: |
          for f in $(find . -name '*.json' -not -path './.git/*'); do
            jq empty "$f" || { echo "Invalid JSON: $f"; exit 1; }
          done

      - name: Run script tests
        run: |
          bash scripts/tests/common-test.sh
          bash scripts/tests/merge-settings-test.sh
          bash scripts/tests/merge-mcp-test.sh
          bash scripts/tests/setup-secrets-test.sh
          bash scripts/tests/install-plugins-test.sh
          bash scripts/tests/verify-test.sh
          bash scripts/tests/install-test.sh
          bash scripts/tests/extract-test.sh

      - name: Run Python hook tests
        run: |
          python user-level-files/hooks/economy-mode-test.py
          python user-level-files/hooks/economy-self-check-test.py
          python user-level-files/hooks/economy-state-guard-test.py

      - name: Gitleaks scan
        uses: gitleaks/gitleaks-action@v2

      - name: Markdownlint
        run: |
          npm install -g markdownlint-cli2
          markdownlint-cli2 "**/*.md" "#node_modules"