#!/usr/bin/env bash
# base.sh — sourced by all modes. Sets shared environment. Never executed directly.
#
# Customize this file for your specific project and toolchain.
# Do not add mode-specific logic here.

# ── Project root ──────────────────────────────────────────────────────────────
# Resolves to the repo root regardless of where ms is invoked from.
export PROJECT_ROOT
PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"

# ── Secrets ───────────────────────────────────────────────────────────────────
# Load secrets from 1Password CLI if available, otherwise fall back to .env.
# Never commit .env. Never hardcode credentials here.
#
# Option A: 1Password CLI (preferred)
#   export OP_ACCOUNT="my.1password.com"
#   eval "$(op signin)"
#
# Option B: doppler
#   eval "$(doppler secrets download --no-file --format env)"
#
# Option C: local .env (dev only, never commit)
if [[ -f "$PROJECT_ROOT/.env" ]]; then
  # shellcheck source=/dev/null
  set -a
  source "$PROJECT_ROOT/.env"
  set +a
fi

# ── Database ──────────────────────────────────────────────────────────────────
# Set these via secrets above; stubs provided for clarity.
export DB_HOST="${DB_HOST:-localhost}"
export DB_PORT="${DB_PORT:-5432}"
export DB_NAME="${DB_NAME:-}"
export DB_USER="${DB_USER:-}"
export DB_PASS="${DB_PASS:-}"

# ── Runtime ───────────────────────────────────────────────────────────────────
# Configure the runtime environment your project uses.
# Examples — uncomment and adjust as needed:
#
# Docker Compose:
#   export COMPOSE_FILE="$PROJECT_ROOT/docker-compose.yml"
#
# nix:
#   # (handled by nix develop — base.sh runs inside the devshell)
#
# Tool versions (if using mise/asdf):
#   export MISE_TOML="$PROJECT_ROOT/.mise.toml"

# ── Path additions ────────────────────────────────────────────────────────────
export PATH="$PROJECT_ROOT/bin:$PATH"