name: Trigger Discovery

on:
  schedule:
    - cron: '0 0 */3 * *'
  issues:
    types: [opened, reopened, labeled]
  workflow_dispatch:

jobs:
  trigger:
    runs-on: ubuntu-latest
    timeout-minutes: 2
    # Only trigger on issues with safe-to-work AND (cloud-request or agent-request) labels, or schedule/manual
    if: >-
      github.event_name != 'issues' ||
      (contains(github.event.issue.labels.*.name, 'safe-to-work') &&
       (contains(github.event.issue.labels.*.name, 'cloud-request') ||
        contains(github.event.issue.labels.*.name, 'agent-request')))
    steps:
      - name: Trigger discovery cycle
        env:
          SPRITE_URL: ${{ secrets.DISCOVERY_SPRITE_URL }}
          TRIGGER_SECRET: ${{ secrets.DISCOVERY_TRIGGER_SECRET }}
        run: |
          HTTP_CODE=$(curl -sS --connect-timeout 15 --max-time 30 \
            -o /tmp/response.json -w "%{http_code}" -X POST \
            "${SPRITE_URL}/trigger?reason=${{ github.event_name }}&issue=${{ github.event.issue.number || '' }}" \
            -H "Authorization: Bearer ${TRIGGER_SECRET}")
          BODY=$(cat /tmp/response.json 2>/dev/null || echo '{}')
          echo "$BODY"
          case "$HTTP_CODE" in
            2*)
              echo "::notice::Trigger accepted (HTTP $HTTP_CODE)"
              ;;
            409)
              echo "::notice::Run already in progress — this is expected (HTTP 409)"
              ;;
            429)
              echo "::warning::Server at capacity (HTTP 429)"
              ;;
            *)
              echo "::error::Trigger failed (HTTP $HTTP_CODE)"
              exit 1
              ;;
          esac