#!/usr/bin/env bash
set -euo pipefail

ROOT_DIR=$(cd "$(dirname "$0")/../.." && pwd)
# shellcheck disable=SC1091
source "$ROOT_DIR/scripts/hetzner/lib.sh"
load_bootstrap_env

resolve_secret_var FORGEJO_ADMIN_PASSWORD required

: "${FORGEJO_ROOT_URL:?set FORGEJO_ROOT_URL}"
: "${FORGEJO_PUSH_URL_BASE:=$FORGEJO_ROOT_URL}"
: "${FORGEJO_ADMIN_USERNAME:?set FORGEJO_ADMIN_USERNAME}"
: "${SOURCE_REPO_DIR:=$ROOT_DIR}"
: "${FORGEJO_REPO_OWNER:=$FORGEJO_ADMIN_USERNAME}"
: "${FORGEJO_REPO_NAME:=$(basename "$SOURCE_REPO_DIR")}"
: "${FORGEJO_PUSH_REMOTE_NAME:=forgejo}"
: "${FORGEJO_PUSH_REF:=HEAD:refs/heads/main}"
: "${FORGEJO_REPO_HTTP_USERNAME:=$FORGEJO_ADMIN_USERNAME}"

require git

if [[ ! -d "$SOURCE_REPO_DIR/.git" ]]; then
  echo "SOURCE_REPO_DIR is not a git repository: $SOURCE_REPO_DIR" >&2
  exit 1
fi

urlencode() {
  python3 -c 'import sys, urllib.parse; print(urllib.parse.quote(sys.argv[1], safe=""))' "$1"
}

remote_url="${FORGEJO_ROOT_URL%/}/${FORGEJO_REPO_OWNER}/${FORGEJO_REPO_NAME}.git"
auth_remote_url="${FORGEJO_PUSH_URL_BASE%/}/${FORGEJO_REPO_OWNER}/${FORGEJO_REPO_NAME}.git"
encoded_username="$(urlencode "$FORGEJO_REPO_HTTP_USERNAME")"
if [[ -n "${FORGEJO_ADMIN_PASSWORD:-}" ]]; then
  encoded_password="$(urlencode "$FORGEJO_ADMIN_PASSWORD")"
  auth_remote_url="${FORGEJO_PUSH_URL_BASE%/}"
  auth_remote_url="${auth_remote_url/https:\/\//https://${encoded_username}:${encoded_password}@}"
  auth_remote_url="${auth_remote_url/http:\/\//http://${encoded_username}:${encoded_password}@}"
  auth_remote_url+="/${FORGEJO_REPO_OWNER}/${FORGEJO_REPO_NAME}.git"
fi
current_remote_url="$(git -C "$SOURCE_REPO_DIR" remote get-url "$FORGEJO_PUSH_REMOTE_NAME" 2>/dev/null || true)"
if [[ -z "$current_remote_url" ]]; then
  git -C "$SOURCE_REPO_DIR" remote add "$FORGEJO_PUSH_REMOTE_NAME" "$auth_remote_url"
elif [[ "$current_remote_url" != "$auth_remote_url" ]]; then
  git -C "$SOURCE_REPO_DIR" remote set-url "$FORGEJO_PUSH_REMOTE_NAME" "$auth_remote_url"
fi

askpass_script="$(mktemp)"
trap 'rm -f "$askpass_script"' EXIT
cat > "$askpass_script" <<'EOF'
#!/usr/bin/env sh
case "$1" in
  *sername*) printf '%s\n' "$FORGEJO_ADMIN_USERNAME" ;;
  *assword*) printf '%s\n' "$FORGEJO_ADMIN_PASSWORD" ;;
  *) exit 1 ;;
esac
EOF
chmod 700 "$askpass_script"

GIT_TERMINAL_PROMPT=0 \
GIT_ASKPASS="$askpass_script" \
FORGEJO_ADMIN_USERNAME="$FORGEJO_ADMIN_USERNAME" \
FORGEJO_ADMIN_PASSWORD="$FORGEJO_ADMIN_PASSWORD" \
  git -C "$SOURCE_REPO_DIR" push "$FORGEJO_PUSH_REMOTE_NAME" "$FORGEJO_PUSH_REF"

echo "seeded ${remote_url} from ${SOURCE_REPO_DIR}"