name: CI

on:
  push:
    branches: [ main, develop ]
  pull_request:
    branches: [ main ]

jobs:
  test:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.9", "3.10", "3.11", "3.12"]

    steps:
    - uses: actions/checkout@v4

    - name: Install uv
      uses: astral-sh/setup-uv@v3
      with:
        version: "latest"

    - name: Set up Python ${{ matrix.python-version }}
      run: uv python install ${{ matrix.python-version }}

    - name: Install dependencies
      run: |
        uv sync --extra dev

    - name: Run Ruff linting
      run: |
        uv run ruff check .

    - name: Run Ruff formatting check
      run: |
        uv run ruff format --check .

    - name: Run Black formatting check
      run: |
        uv run black --check src/ tests/

    - name: Run type checking with mypy
      run: |
        uv run mypy src/mcp_namecheap/

    - name: Run tests with coverage
      run: |
        uv run pytest --cov=src/mcp_namecheap --cov-report=xml --cov-report=term-missing

    - name: Upload coverage to Codecov
      uses: codecov/codecov-action@v3
      with:
        file: ./coverage.xml
        flags: unittests
        name: codecov-umbrella
        fail_ci_if_error: false

  security:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4

    - name: Install uv
      uses: astral-sh/setup-uv@v3

    - name: Set up Python
      run: uv python install 3.11

    - name: Install dependencies
      run: uv sync --extra dev

    - name: Run safety check
      run: |
        uv run pip install safety
        uv run safety check --json || true

    - name: Run bandit security linter
      run: |
        uv run pip install bandit
        uv run bandit -r src/ || true