import * as core from "@actions/core";
import { execSync } from "child_process";

function getSecrets() {
  try {
    const secretsRaw = core.getInput("secrets", { required: true });
    const sessionKey = process.env.BW_SESSION;

    if (!sessionKey) {
      throw new Error("BW_SESSION is not set. Make sure Bitwarden is unlocked.");
    }

    // Secrets parsen naar een array van { id, name }
    const secrets = secretsRaw
      .split("\n")
      .map((s) => s.trim())
      .filter((s) => s.includes(">"))
      .map((s) => {
        const [id, name] = s.split(">").map((part) => part.trim());
        return { id, name };
      });

    if (secrets.length === 0) {
      throw new Error("No valid secrets provided.");
    }

    core.info(`🔍 Retrieving ${secrets.length} secrets from Bitwarden...`);

    secrets.forEach(({ id, name }) => {
      try {
        const value = execSync(`bw get notes ${id} --session ${sessionKey}`, {
          encoding: "utf-8",
        }).trim();

        if (value) {
          core.exportVariable(name, value);
          core.setSecret(value); // Verberg secret in logs
          core.info(`✅ Stored secret ${id} as ${name}`);
        } else {
          core.warning(`⚠️ No value found for secret: ${id}`);
        }
      } catch (error) {
        core.warning(`❌ Failed to retrieve secret: ${id} - ${error.message}`);
      }
    });

    core.info("✅ All secrets retrieved successfully!");
  } catch (error) {
    core.setFailed(`❌ Error retrieving secrets: ${error.message}`);
  }
}

getSecrets();