#!/usr/bin/env nix-shell
#!nix-shell -i bash -p nix-prefetch-github jq cacert

set -euo pipefail

cd "$(dirname "${BASH_SOURCE[0]}")"
repo_root="$(cd ../../.. && pwd)"

owner="bostrot"
repo="mautrix-mattermost"

# Get latest commit from GitHub
echo "Fetching latest commit from $owner/$repo..."
commit_info=$(curl -s "https://api.github.com/repos/$owner/$repo/commits?per_page=1")
rev=$(echo "$commit_info" | jq -r '.[0].sha')
date=$(echo "$commit_info" | jq -r '.[0].commit.committer.date' | cut -dT -f1)
echo "Latest commit: $rev ($date)"

# Update rev in default.nix
sed -i "s|rev = \".*\";|rev = \"$rev\";|" default.nix
sed -i "s|version = \".*\";|version = \"0-unstable-$date\";|" default.nix

# Fetch source hash
echo "Fetching source hash..."
prefetch_output=$(nix-prefetch-github "$owner" "$repo" --rev "$rev" --json 2>/dev/null)
src_hash=$(echo "$prefetch_output" | jq -r '.hash')
echo "Source hash: $src_hash"
sed -i "s|hash = \"sha256-.*\";|hash = \"$src_hash\";|" default.nix

# Set placeholder vendorHash to trigger build failure
sed -i "s|vendorHash = \"sha256-.*\";|vendorHash = \"sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=\";|" default.nix

# Build to get the correct vendorHash
echo "Building to determine vendorHash..."
cd "$repo_root"
build_output=$(nix build --impure --no-link --expr 'with import <nixpkgs> { config.permittedInsecurePackages = ["olm-3.2.16"]; }; callPackage ./utils/pkgs/mautrix-mattermost {}' 2>&1 || true)

vendor_hash=$(echo "$build_output" | grep -oP "got:\s+sha256-[A-Za-z0-9+/=]+" | tail -1 | awk '{print $2}')

if [ -z "$vendor_hash" ]; then
  echo "Error: Could not determine vendorHash from build output"
  echo "Build output:"
  echo "$build_output"
  exit 1
fi

echo "vendorHash: $vendor_hash"
cd "$repo_root/utils/pkgs/mautrix-mattermost"
sed -i "s|vendorHash = \"sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=\";|vendorHash = \"$vendor_hash\";|" default.nix

# Verify the build works
echo ""
echo "Verifying build..."
cd "$repo_root"
if nix build --impure --no-link --expr 'with import <nixpkgs> { config.permittedInsecurePackages = ["olm-3.2.16"]; }; callPackage ./utils/pkgs/mautrix-mattermost {}'; then
  echo ""
  echo "Successfully updated mautrix-mattermost to $rev ($date)"
  echo "  Source hash: $src_hash"
  echo "  vendorHash: $vendor_hash"
else
  echo ""
  echo "Build failed after updating hashes"
  exit 1
fi