#!/usr/bin/env bash
#
# onx-panel-update — ONOX panel git pull + composer + npm + migrate
#
# Stdin:  JSON {"branch":"main", "version":null}
#         or   {"branch":"main", "version":"v0.18.5"}
# Stdout: JSON {
#           "old_version": "v0.18.4",
#           "new_version": "v0.18.5",
#           "migrations_run": 3,
#           "success": true
#         }
# Exit:   0=ok  1=invalid_input  3=execution_fail
#
# NOTE: This can take 2-5 minutes. Ensure SYSAPI_TIMEOUT >= 360s.

set -euo pipefail

readonly ONOX_HOME=/opt/onoxsoft

die_input() { printf '{"error":"%s","code":1}\n' "$*" >&2; exit 1; }
die_exec()  { printf '{"error":"%s","code":3}\n' "$*" >&2; exit 3; }
json_str()  { printf '%s' "$1" | sed 's/\\/\\\\/g; s/"/\\"/g'; }

# ---------------------------------------------------------------------------
# Parse stdin
# ---------------------------------------------------------------------------
INPUT=$(cat)

BRANCH=$(echo "$INPUT" | grep -oP '"branch"\s*:\s*"\K[^"]+' 2>/dev/null | head -1 || echo "main")
VERSION=$(echo "$INPUT" | grep -oP '"version"\s*:\s*"\K[^"]+' 2>/dev/null | head -1 || true)
# version may also be null in JSON
echo "$INPUT" | grep -qP '"version"\s*:\s*null' && VERSION=""

# Validate branch (no path traversal)
[[ "$BRANCH" =~ ^[a-zA-Z0-9._/-]{1,100}$ ]] || die_input "Gecersiz branch: ${BRANCH}"
[[ "$BRANCH" == *".."* ]] && die_input "Gecersiz branch (path traversal)"

# Validate version tag if provided
if [[ -n "$VERSION" ]]; then
  [[ "$VERSION" =~ ^v?[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9._-]+)?$ ]] \
    || die_input "Gecersiz versiyon formati: ${VERSION} (beklenen: v1.2.3)"
fi

[[ -d "${ONOX_HOME}/.git" ]] || die_input "Panel git repo bulunamadi: ${ONOX_HOME}"

# ---------------------------------------------------------------------------
# Capture old version
# ---------------------------------------------------------------------------
OLD_VERSION=$(git -C "${ONOX_HOME}" describe --tags --abbrev=0 2>/dev/null || \
              git -C "${ONOX_HOME}" rev-parse --short HEAD 2>/dev/null || echo "unknown")

# ---------------------------------------------------------------------------
# Git fetch + checkout/pull
# ---------------------------------------------------------------------------
git -C "${ONOX_HOME}" fetch origin 2>&1 \
  || die_exec "$(json_str "git fetch basarisiz")"

if [[ -n "$VERSION" ]]; then
  git -C "${ONOX_HOME}" checkout "tags/${VERSION}" 2>&1 \
    || die_exec "$(json_str "git checkout tags/${VERSION} basarisiz")"
else
  git -C "${ONOX_HOME}" checkout "${BRANCH}" 2>&1 \
    || die_exec "$(json_str "git checkout ${BRANCH} basarisiz")"
  git -C "${ONOX_HOME}" pull origin "${BRANCH}" 2>&1 \
    || die_exec "$(json_str "git pull origin ${BRANCH} basarisiz")"
fi

NEW_VERSION=$(git -C "${ONOX_HOME}" describe --tags --abbrev=0 2>/dev/null || \
              git -C "${ONOX_HOME}" rev-parse --short HEAD 2>/dev/null || echo "unknown")

# ---------------------------------------------------------------------------
# Composer install
# ---------------------------------------------------------------------------
composer install \
  --no-dev \
  --optimize-autoloader \
  --working-dir="${ONOX_HOME}" \
  --no-interaction \
  --quiet 2>&1 \
  || die_exec "$(json_str "composer install basarisiz")"

# ---------------------------------------------------------------------------
# npm build
# ---------------------------------------------------------------------------
npm install --prefix "${ONOX_HOME}" --silent 2>&1 \
  || die_exec "$(json_str "npm install basarisiz")"
npm run build --prefix "${ONOX_HOME}" 2>&1 \
  || die_exec "$(json_str "npm run build basarisiz")"

# ---------------------------------------------------------------------------
# Migrations — count how many ran
# ---------------------------------------------------------------------------
MIGRATE_OUT=$(php "${ONOX_HOME}/artisan" migrate --force --no-interaction 2>&1 || true)
MIGRATIONS_RUN=$(echo "$MIGRATE_OUT" | grep -c '^\s*Migrating:' 2>/dev/null || echo "0")

# ---------------------------------------------------------------------------
# Caches
# ---------------------------------------------------------------------------
php "${ONOX_HOME}/artisan" config:cache  --no-interaction 2>&1 || true
php "${ONOX_HOME}/artisan" route:cache   --no-interaction 2>&1 || true
php "${ONOX_HOME}/artisan" view:cache    --no-interaction 2>&1 || true

# Reload PHP-FPM (graceful)
systemctl reload php82-php-fpm 2>/dev/null || true

# ---------------------------------------------------------------------------
# Output
# ---------------------------------------------------------------------------
printf '{"old_version":"%s","new_version":"%s","migrations_run":%s,"success":true}\n' \
  "$(json_str "$OLD_VERSION")" \
  "$(json_str "$NEW_VERSION")" \
  "$MIGRATIONS_RUN"

exit 0
