#!/bin/bash
# Upload Debian packages to Gitea APT registry
set -e

GITEA_URL="${GITEA_URL:-https://git.nevets.tech}"
GITEA_OWNER="${GITEA_OWNER:-steven}"
GITEA_TOKEN="${GITEA_TOKEN}"
DIST_DIR="${DIST_DIR:-dist}"
DISTRIBUTION="${DISTRIBUTION:-trixie}"  # Debian 13
COMPONENT="${COMPONENT:-main}"
PACKAGE_FILTER="${PACKAGE_FILTER:-}"  # Optional filter for specific package

# Colors for output
GREEN='\033[0;32m'
BLUE='\033[0;34m'
RED='\033[0;31m'
NC='\033[0m' # No Color

if [ -z "$GITEA_TOKEN" ]; then
    echo -e "${RED}Error: GITEA_TOKEN environment variable not set${NC}"
    echo "Set it with: export GITEA_TOKEN='your-token-here'"
    echo ""
    echo "The token must have the following permissions:"
    echo "  - write:package (to upload packages)"
    echo "  - read:package (to read package metadata)"
    echo ""
    echo "Create a token at: ${GITEA_URL}/user/settings/applications"
    exit 1
fi

if [ ! -d "$DIST_DIR" ]; then
    echo -e "${RED}Error: Distribution directory $DIST_DIR not found${NC}"
    echo "Build packages first with: make package"
    exit 1
fi

echo -e "${BLUE}Publishing packages to Gitea APT registry...${NC}"
echo "Repository: ${GITEA_URL}/api/packages/${GITEA_OWNER}/debian"
echo "Distribution: ${DISTRIBUTION}"
echo "Component: ${COMPONENT}"
if [ -n "$PACKAGE_FILTER" ]; then
    echo "Filter: ${PACKAGE_FILTER}"
fi
echo ""

# Verify token has package access
echo -e "${BLUE}Verifying token permissions...${NC}"
VERIFY_CODE=$(curl -s -w "%{http_code}" -o /tmp/gitea_verify.txt \
    -H "Authorization: token ${GITEA_TOKEN}" \
    "${GITEA_URL}/api/v1/user")

if [ "$VERIFY_CODE" -eq 200 ]; then
    USER=$(grep -o '"login":"[^"]*"' /tmp/gitea_verify.txt | cut -d'"' -f4)
    echo -e "${GREEN}✓ Token authenticated as user: ${USER}${NC}"
else
    echo -e "${RED}✗ Token verification failed (HTTP ${VERIFY_CODE})${NC}"
    cat /tmp/gitea_verify.txt
    echo ""
    echo "Please check your GITEA_TOKEN and try again."
    exit 1
fi
rm -f /tmp/gitea_verify.txt
echo ""

SUCCESS_COUNT=0
FAIL_COUNT=0

for deb in "$DIST_DIR"/*.deb; do
    if [ -f "$deb" ]; then
        PACKAGE_NAME=$(basename "$deb")

        # Skip if filter is set and package doesn't match
        if [ -n "$PACKAGE_FILTER" ]; then
            if [[ ! "$PACKAGE_NAME" =~ ^${PACKAGE_FILTER}_ ]]; then
                echo -e "${BLUE}Skipping ${PACKAGE_NAME} (doesn't match filter)${NC}"
                continue
            fi
        fi

        echo -e "${BLUE}Uploading ${PACKAGE_NAME}...${NC}"

        # Try uploading with token authentication
        HTTP_CODE=$(curl -X PUT \
            -w "%{http_code}" \
            -o /tmp/gitea_upload_response.txt \
            -H "Authorization: token ${GITEA_TOKEN}" \
            -H "Content-Type: application/octet-stream" \
            --data-binary @"${deb}" \
            "${GITEA_URL}/api/packages/${GITEA_OWNER}/debian/pool/${DISTRIBUTION}/${COMPONENT}/upload")

        if [ "$HTTP_CODE" -eq 201 ] || [ "$HTTP_CODE" -eq 200 ]; then
            echo -e "${GREEN}✓ Uploaded ${PACKAGE_NAME}${NC}"
            SUCCESS_COUNT=$((SUCCESS_COUNT + 1))
        else
            echo -e "${RED}✗ Failed to upload ${PACKAGE_NAME} (HTTP ${HTTP_CODE})${NC}"
            echo "Response:"
            cat /tmp/gitea_upload_response.txt
            echo ""

            # Provide troubleshooting guidance for common errors
            if [ "$HTTP_CODE" -eq 401 ]; then
                echo -e "${RED}Authentication failed. Please check:${NC}"
                echo "  1. Token is valid and not expired"
                echo "  2. Token has 'write:package' permission"
                echo "  3. You have access to the '${GITEA_OWNER}' organization"
                echo "  Create/update token at: ${GITEA_URL}/user/settings/applications"
            elif [ "$HTTP_CODE" -eq 403 ]; then
                echo -e "${RED}Permission denied. Ensure the token has package write access.${NC}"
            elif [ "$HTTP_CODE" -eq 404 ]; then
                echo -e "${RED}Repository not found. Verify the owner '${GITEA_OWNER}' exists.${NC}"
            fi
            echo ""
            FAIL_COUNT=$((FAIL_COUNT + 1))
        fi
    fi
done

echo ""
echo -e "${BLUE}Upload Summary:${NC}"
echo -e "${GREEN}Successful: ${SUCCESS_COUNT}${NC}"
if [ "$FAIL_COUNT" -gt 0 ]; then
    echo -e "${RED}Failed: ${FAIL_COUNT}${NC}"
fi
echo ""

if [ "$SUCCESS_COUNT" -gt 0 ]; then
    echo -e "${GREEN}Repository setup instructions:${NC}"
    echo ""
    echo "  # Add GPG key"
    echo "  sudo curl ${GITEA_URL}/api/packages/${GITEA_OWNER}/debian/repository.key -o /etc/apt/keyrings/gitea-${GITEA_OWNER}.asc"
    echo ""
    echo "  # Add repository"
    echo "  echo \"deb [signed-by=/etc/apt/keyrings/gitea-${GITEA_OWNER}.asc] ${GITEA_URL}/api/packages/${GITEA_OWNER}/debian ${DISTRIBUTION} ${COMPONENT}\" | sudo tee -a /etc/apt/sources.list.d/gitea-${GITEA_OWNER}.list"
    echo ""
    echo "  # Update package list"
    echo "  sudo apt update"
    echo ""
    echo "  # Install packages"
    echo "  sudo apt install featherddns"
    echo ""
fi

# Cleanup
rm -f /tmp/gitea_upload_response.txt

if [ "$FAIL_COUNT" -gt 0 ]; then
    exit 1
fi

exit 0