#!/usr/bin/env bash
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
SKILL_ROOT="$(dirname "$SCRIPT_DIR")"
source "$SCRIPT_DIR/_common.sh"

: "${CF_API_TOKEN:=}"
: "${CF_ZONE_NAME:=}"

api() {
  local method="$1"; shift
  local url="$1"; shift
  curl -sS -X "$method" "$url" \
    -H "Authorization: Bearer $CF_API_TOKEN" \
    -H "Content-Type: application/json" \
    "$@"
}

main() {
  confirm_gate
  [[ -n "$CF_API_TOKEN" ]] || die "CF_API_TOKEN is required."
  [[ -n "$CF_ZONE_NAME" ]] || die "CF_ZONE_NAME is required."
  need jq
  need curl

  local mirror_file="$SKILL_ROOT/outputs/mirror_records.json"
  if [[ ! -f "$mirror_file" ]]; then
    die "Missing $mirror_file. Create it like: [{\"type\":\"A\",\"name\":\"app\",\"content\":\"1.2.3.4\",\"ttl\":120}]"
  fi

  log_info "Resolving Cloudflare zone id for: $CF_ZONE_NAME"
  local zid; zid="$(api GET "https://api.cloudflare.com/client/v4/zones?name=$CF_ZONE_NAME" | jq -r '.result[0].id')"
  [[ -n "$zid" && "$zid" != "null" ]] || die "Unable to resolve zone id."

  # For each record, create/update in CF
  created_ids=[]
  results=[]
  while IFS= read -r rec; do
    rtype="$(echo "$rec" | jq -r '.type')"
    rname="$(echo "$rec" | jq -r '.name')"
    rcontent="$(echo "$rec" | jq -r '.content')"
    rttl="$(echo "$rec" | jq -r '.ttl // 120')"

    # Convert short name to FQDN if needed
    if [[ "$rname" != *"."* ]]; then
      fqdn="${rname}.${CF_ZONE_NAME}"
    else
      fqdn="$rname"
    fi

    # check existing
    existing="$(api GET "https://api.cloudflare.com/client/v4/zones/$zid/dns_records?type=$rtype&name=$fqdn")"
    rid="$(echo "$existing" | jq -r '.result[0].id')"

    if [[ -n "$rid" && "$rid" != "null" ]]; then
      log_info "Updating $rtype $fqdn"
      api PUT "https://api.cloudflare.com/client/v4/zones/$zid/dns_records/$rid" \
        --data "{\"type\":\"$rtype\",\"name\":\"$fqdn\",\"content\":\"$rcontent\",\"ttl\":$rttl,\"proxied\":true}" \
        | jq -e '.success==true' >/dev/null || die "Failed update for $fqdn"
      echo "$rid" >> "$SKILL_ROOT/outputs/cloudflare_record_ids.txt"
    else
      log_info "Creating $rtype $fqdn"
      resp="$(api POST "https://api.cloudflare.com/client/v4/zones/$zid/dns_records" \
        --data "{\"type\":\"$rtype\",\"name\":\"$fqdn\",\"content\":\"$rcontent\",\"ttl\":$rttl,\"proxied\":true}")"
      echo "$resp" | jq -e '.success==true' >/dev/null || die "Failed create for $fqdn"
      new_id="$(echo "$resp" | jq -r '.result.id')"
      echo "$new_id" >> "$SKILL_ROOT/outputs/cloudflare_record_ids.txt"
    fi
  done < <(jq -c '.[]' "$mirror_file")

  log_info "Cloudflare mirror applied. IDs saved to outputs/cloudflare_record_ids.txt"
}
main "$@"