#!/bin/bash
set -euo pipefail

DEBUG=${DEBUG:-false}
FETCH_INTERVAL=${FETCH_INTERVAL:-3600}
REPOS=(public secret system)
SSH_KEY=${SSH_KEY:-fafnir}

# Print debug messages if enabled by ${DEBUG}
function debug() {
  [[ ${DEBUG} == "false" ]] && return
  echo "$@" >&2
}

function join_by() {
  local d=$1
  shift
  echo -n "$1"
  shift
  printf "%s" "${@/#/$d}"
}

# Wrap git to work with git-dir and work-tree being in other locations
function gwrap() {
  git --git-dir=${HOME}/.cfg/${REPO} --work-tree=${HOME} $@
}

# Ensure we're connected to network before acting
if ! (ping -q -c 1 8.8.8.8 >/dev/null); then
  debug "No network connection, not checking"
  exit 0
fi

STAT_PARM="-c %Y"
[[ "$(uname -s)" == "Darwin" ]] && STAT_PARM="-f %m"

NEED_UPDATE=()
# Check repos for updates
for REPO in ${REPOS[@]}; do
  LAST_FETCH=0
  [ -f ~/.cfg/${REPO}/FETCH_HEAD ] && LAST_FETCH=$(stat ${STAT_PARM} ~/.cfg/${REPO}/FETCH_HEAD)
  if [ $(($(date +%s) - LAST_FETCH)) -gt ${FETCH_INTERVAL} ] ||
    [ $(wc -c ~/.cfg/${REPO}/FETCH_HEAD | cut -d' ' -f1) -eq 0 ]; then
    ${HOME}/bin/vault-sshadd ${SSH_KEY} 2>&1 >/dev/null || {
      echo "Unable to load key ${SSH_KEY}"
      exit 1
    }
    gwrap fetch -q origin
  fi

  LOCAL=$(gwrap rev-parse HEAD)
  REMOTE=$(gwrap rev-parse FETCH_HEAD)

  if ! [[ ${LOCAL} == "${REMOTE}" ]]; then
    NEED_UPDATE+=("'${REPO}'")
  fi
done

if [ ${#NEED_UPDATE[@]} -gt 0 ]; then
  echo "Config repo $(join_by ", " "${NEED_UPDATE[@]}") needs update"
else
  if ( ${HOME}/bin/config-git-status.sh ); then
    echo "Up-to-date"
  else
    echo "Up-to-date with uncommitted changes"
  fi
fi