#!/usr/bin/env bash
# Publish a new muse CLI release to staging.
#
# Usage:
#   bash deploy/publish_muse_release.sh            # builds current version from ~/ecosystem/muse
#   MUSE_VERSION=0.2.1 bash deploy/publish_muse_release.sh  # override version label
#
# What it does:
#   1. Builds the muse sdist from ~/ecosystem/muse.
#   2. Uploads the tarball to s3://musehub-releases/muse-{version}.tar.gz.
#   3. SSMs to the staging instance to pull the tarball from S3 into /data/releases/.
#   4. Removes stale tarballs from S3 and /data/releases/ (keeps the 3 most recent).
#   5. Verifies the tarball is live via https://staging.musehub.ai/releases/muse-{version}.tar.gz.
#
# Prerequisites:
#   - Python 3.14 + build package  (pip install build)
#   - AWS CLI configured (musehub-infra profile or default with the right creds)
#   - ~/ecosystem/muse checked out at the version you want to ship

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
MUSE_REPO="${MUSE_REPO:-$HOME/ecosystem/muse}"
S3_BUCKET="musehub-releases"
STAGING_INSTANCE="i-07547cd20bee2dea5"
REGION="us-east-1"
STAGING_URL="https://staging.musehub.ai"
KEEP_RELEASES=3   # number of tarballs to keep on S3 and server

log() { printf '\033[1;34m%s\033[0m\n' "$*" >&2; }
die() { printf '\033[1;31mERROR: %s\033[0m\n' "$*" >&2; exit 1; }

# ── 1. Resolve version ────────────────────────────────────────────────────────

if [ -z "${MUSE_VERSION:-}" ]; then
    MUSE_VERSION=$(python3 -c "
import re, pathlib
t = pathlib.Path('$MUSE_REPO/pyproject.toml').read_text()
m = re.search(r'^version\s*=\s*\"([^\"]+)\"', t, re.MULTILINE)
print(m.group(1))
")
fi

log "[1/5] Building muse $MUSE_VERSION from $MUSE_REPO"

# ── 2. Build sdist ────────────────────────────────────────────────────────────

cd "$MUSE_REPO"
python3 -m build --sdist --outdir dist/ 2>&1 | tail -3

TARBALL="dist/muse-${MUSE_VERSION}.tar.gz"
[ -f "$TARBALL" ] || die "Expected tarball not found: $MUSE_REPO/$TARBALL"
log "  Built: $(du -sh "$TARBALL" | cut -f1)  $TARBALL"

# ── 3. Upload to S3 ───────────────────────────────────────────────────────────

log "[2/5] Uploading to s3://$S3_BUCKET/"
aws s3 cp "$TARBALL" "s3://$S3_BUCKET/muse-${MUSE_VERSION}.tar.gz"

# ── 4. Pull from S3 into /data/releases/ on staging ─────────────────────────

log "[3/5] Pushing to staging ($STAGING_INSTANCE)"

CMD="aws s3 cp s3://$S3_BUCKET/muse-${MUSE_VERSION}.tar.gz /tmp/muse-${MUSE_VERSION}.tar.gz && \
docker run --rm -v musehub_data:/data -v /tmp:/src alpine sh -c \
'mkdir -p /data/releases && cp /src/muse-${MUSE_VERSION}.tar.gz /data/releases/muse-${MUSE_VERSION}.tar.gz'"

CMD_ID=$(aws ssm send-command \
    --region "$REGION" \
    --instance-ids "$STAGING_INSTANCE" \
    --document-name "AWS-RunShellScript" \
    --parameters "commands=[\"$CMD\"]" \
    --comment "publish muse $MUSE_VERSION" \
    --timeout-seconds 120 \
    --query "Command.CommandId" \
    --output text)

log "  SSM command: $CMD_ID — polling..."

for i in $(seq 1 24); do
    sleep 5
    STATUS=$(aws ssm get-command-invocation \
        --region "$REGION" \
        --command-id "$CMD_ID" \
        --instance-id "$STAGING_INSTANCE" \
        --query "Status" \
        --output text 2>/dev/null || echo "Pending")
    case "$STATUS" in
        Success)  log "  ✅ Staging copy succeeded."; break ;;
        Failed|Cancelled|TimedOut) die "SSM command $STATUS" ;;
        *) printf '.' >&2 ;;
    esac
done
[ "$STATUS" = "Success" ] || die "SSM timed out (status: $STATUS)"

# ── 5. Clean up old releases (S3 + server, keep newest KEEP_RELEASES) ────────

log "[4/5] Cleaning up old releases (keeping $KEEP_RELEASES newest)"

# S3 cleanup — list, sort by version, delete oldest
# awk buffers all lines and prints only those before the last KEEP_RELEASES
# (portable — avoids GNU-only `head -n -N` which fails on macOS/BSD)
STALE_S3=$(aws s3 ls "s3://$S3_BUCKET/" \
    | awk '{print $NF}' \
    | grep '^muse-.*\.tar\.gz$' \
    | sort -V \
    | awk -v keep="$KEEP_RELEASES" '{lines[NR]=$0} END{for(i=1;i<=NR-keep;i++) print lines[i]}')

if [ -n "$STALE_S3" ]; then
    while IFS= read -r key; do
        log "  Deleting s3://$S3_BUCKET/$key"
        aws s3 rm "s3://$S3_BUCKET/$key"
    done <<< "$STALE_S3"
else
    log "  S3: nothing to remove."
fi

# Server cleanup — same logic via SSM (awk for portability)
CLEAN_CMD="ls /data/releases/muse-*.tar.gz 2>/dev/null \
| sort -V \
| awk -v keep=$KEEP_RELEASES '{lines[NR]=\$0} END{for(i=1;i<=NR-keep;i++) print lines[i]}' \
| xargs -r rm -v"

aws ssm send-command \
    --region "$REGION" \
    --instance-ids "$STAGING_INSTANCE" \
    --document-name "AWS-RunShellScript" \
    --parameters "commands=[\"$CLEAN_CMD\"]" \
    --comment "cleanup old muse releases" \
    --output text \
    --query "Command.CommandId" > /dev/null

# ── 6. Smoke-test: verify tarball is live ─────────────────────────────────────

log "[5/5] Verifying $STAGING_URL/releases/muse-${MUSE_VERSION}.tar.gz"

HTTP=$(curl -sI "$STAGING_URL/releases/muse-${MUSE_VERSION}.tar.gz" \
    | grep -i "^HTTP" | awk '{print $2}')

if [ "$HTTP" = "200" ]; then
    log "  ✅ Live at $STAGING_URL/releases/muse-${MUSE_VERSION}.tar.gz"
else
    die "Expected HTTP 200, got: $HTTP"
fi

log ""
log "muse $MUSE_VERSION is live. Install with:"
log "  curl -fsSL $STAGING_URL/install.sh | sh"