#!/bin/bash
#
# setup_uat.sh — Run on the UAT instance after provisioning completes.
#
# Discovers dev instances by their Project tag using the EC2 instance metadata
# and AWS CLI, then builds ~/.ssh/config entries so ec2-user can refer to dev
# machines by hostname (e.g. "ssh dev-1" to push test results).
#
# Prerequisites:
#   - AWS CLI installed (or use: dnf install -y awscli)
#   - Instance must have an IAM role allowing ec2:DescribeInstances
#     (or export AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY)
#
# Usage:
#   bash setup_uat.sh [--project-tag career-kickstarter]

set -euo pipefail

PROJECT_TAG="${1:-career-kickstarter}"

# Resolve region from instance metadata (IMDSv2)
TOKEN=$(curl -s -X PUT "http://169.254.169.254/latest/api/token" \
    -H "X-aws-ec2-metadata-token-ttl-seconds: 60")
REGION=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" \
    http://169.254.169.254/latest/meta-data/placement/region)
INSTANCE_ID=$(curl -s -H "X-aws-ec2-metadata-token: $TOKEN" \
    http://169.254.169.254/latest/meta-data/instance-id)

echo "Region:      $REGION"
echo "Instance ID: $INSTANCE_ID"
echo "Project tag: $PROJECT_TAG"

# Discover dev instances (Role != "uat", same Project tag, running)
DEV_INSTANCES=$(aws ec2 describe-instances \
    --region "$REGION" \
    --filters \
        "Name=tag:Project,Values=$PROJECT_TAG" \
        "Name=instance-state-name,Values=running" \
    --query 'Reservations[].Instances[?Tags[?Key==`Role` && Value!=`uat`]].[Tags[?Key==`Role`].Value | [0], PrivateIpAddress]' \
    --output text)

if [ -z "$DEV_INSTANCES" ]; then
    echo "No dev instances found with Project=$PROJECT_TAG"
    exit 0
fi

# Build SSH config entries
SSH_CONFIG="$HOME/.ssh/config"
MARKER="# --- Career Kickstarter dev machines ---"

# Remove any previous CK entries
if grep -q "$MARKER" "$SSH_CONFIG" 2>/dev/null; then
    sed -i "/$MARKER/,/^$/d" "$SSH_CONFIG"
fi

{
    echo ""
    echo "$MARKER"
    while IFS=$'\t' read -r dev_name private_ip; do
        [ -z "$dev_name" ] && continue
        echo "Host $dev_name"
        echo "    HostName $private_ip"
        echo "    User $dev_name"
        echo ""
    done <<< "$DEV_INSTANCES"
} >> "$SSH_CONFIG"

chmod 600 "$SSH_CONFIG"

echo ""
echo "SSH config updated. Dev machines:"
while IFS=$'\t' read -r dev_name private_ip; do
    [ -z "$dev_name" ] && continue
    echo "  $dev_name -> $private_ip"
done <<< "$DEV_INSTANCES"
echo ""
echo "You can now run: ssh dev-1  (etc.)"

# ---------------------------------------------------------------------------
# Clone template repo and set up solution test suite
# ---------------------------------------------------------------------------

if [ -z "${CK_UAT_REPO_URL:-}" ]; then
    echo "CK_UAT_REPO_URL is not set, skipping UAT repo clone."
else
    echo "Cloning UAT repository..."
    git clone "$CK_UAT_REPO_URL" ~/gtat-tech-career-kickstarter || true
    if [ -d ~/gtat-tech-career-kickstarter/solution ]; then
        cd ~/gtat-tech-career-kickstarter/solution && uv sync && bash build_proto.sh
        echo "Solution test suite ready."
    fi
fi