#!/usr/bin/env bash
# SPDX-FileCopyrightText: 2026 Kris Lamoureux <kris@lamoureux.io>
# SPDX-License-Identifier: 0BSD

prog=${0##*/}

err() {
	printf '%s: %s\n' "$prog" "$1" >&2
	logger -t "$prog" -p user.err "$1"
	exit 1
}

usage() {
	printf 'usage: %s <zensical-semver> <repo-dir> [selinux-context]\n' "$prog" >&2
}

if (($# != 2 && $# != 3)); then
	usage
	exit 1
fi

tag=$1
dir=$2
label=$3

if [[ ! $tag =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
	err "tag must be a version like 1.2.3 (got: $tag)"
fi

[[ ! -d $dir ]] && err "not a directory: $dir"
cd "$dir" || err "failed to enter directory: $dir"
git rev-parse --is-inside-work-tree &>/dev/null ||
	err "not a git repository: $(pwd)"

branch=$(git branch --show-current) || err "failed to get current branch"
[[ -n $branch ]] || err "not on a branch"
[[ $branch == main ]] || err "not on main branch: $branch"

status=$(git status --porcelain) || err "git status failed at: $(pwd)"
[[ -n $status ]] && err "working tree is dirty"

old=$(git rev-parse HEAD) || err "git rev-parse failed at: $(pwd)"
git pull -q --ff-only || err "failed to update repo"
new=$(git rev-parse HEAD) || err "git rev-parse failed after pull at: $(pwd)"

if [[ $old != "$new" || ! -d site ]]; then
	if ! docker run --rm -v "$PWD:/docs" "zensical/zensical:$tag" build; then
		err "build failed"
	fi
fi

[[ -d site ]] || err "build did not produce site directory"
if [[ -n $label ]]; then
	chcon -R -- "$label" site || err "failed to change SELinux context: $label"
fi
