// kubesolo-update is the atomic update agent for KubeSolo OS.
//
// It manages A/B partition updates with automatic rollback:
//
//	kubesolo-update check          Check for available updates
//	kubesolo-update apply          Download + write update to passive partition
//	kubesolo-update activate       Set passive partition as next boot target
//	kubesolo-update rollback       Force rollback to other partition
//	kubesolo-update healthcheck    Post-boot health verification
//	kubesolo-update status         Show current A/B slot and boot status
//	kubesolo-update sign           Sign update artifacts with Ed25519 key
//	kubesolo-update genkey         Generate new Ed25519 signing key pair
//	kubesolo-update metrics        Start Prometheus-compatible metrics server
package main

import (
	"fmt"
	"log/slog"
	"os"

	"github.com/portainer/kubesolo-os/update/cmd"
)

func main() {
	slog.SetDefault(slog.New(slog.NewTextHandler(os.Stderr, &slog.HandlerOptions{
		Level: slog.LevelInfo,
	})))

	if len(os.Args) < 2 {
		usage()
		os.Exit(1)
	}

	var err error
	switch os.Args[1] {
	case "check":
		err = cmd.Check(os.Args[2:])
	case "apply":
		err = cmd.Apply(os.Args[2:])
	case "activate":
		err = cmd.Activate(os.Args[2:])
	case "rollback":
		err = cmd.Rollback(os.Args[2:])
	case "healthcheck":
		err = cmd.Healthcheck(os.Args[2:])
	case "status":
		err = cmd.Status(os.Args[2:])
	case "sign":
		err = cmd.Sign(os.Args[2:])
	case "genkey":
		err = cmd.GenKey(os.Args[2:])
	case "metrics":
		err = cmd.Metrics(os.Args[2:])
	default:
		fmt.Fprintf(os.Stderr, "unknown command: %s\n\n", os.Args[1])
		usage()
		os.Exit(1)
	}

	if err != nil {
		slog.Error("command failed", "command", os.Args[1], "error", err)
		os.Exit(1)
	}
}

func usage() {
	fmt.Fprintf(os.Stderr, `Usage: kubesolo-update <command> [options]

Commands:
  check        Check for available updates
  apply        Download and write update to passive partition
  activate     Set passive partition as next boot target
  rollback     Force rollback to other partition
  healthcheck  Post-boot health verification (marks boot successful)
  status       Show current A/B slot and boot status
  sign         Sign artifacts with Ed25519 private key (build system)
  genkey       Generate new Ed25519 signing key pair
  metrics      Start Prometheus-compatible metrics HTTP server

Options:
  --server URL     Update server URL (default: from /etc/kubesolo/update.conf)
  --grubenv PATH   Path to grubenv file (default: /boot/grub/grubenv)
  --timeout SECS   Health check timeout in seconds (default: 120)
  --pubkey PATH    Ed25519 public key for signature verification (optional)

Examples:
  kubesolo-update check --server https://updates.example.com
  kubesolo-update apply --server https://updates.example.com --pubkey /etc/kubesolo/update-pubkey.hex
  kubesolo-update healthcheck
  kubesolo-update status
`)
}