#!/bin/sh
# SmashByte CLI installer — curl -fsSL https://get.smashbyte.com | sh
#
# Detects your OS + arch, downloads the right binary from the latest GitHub
# release, verifies its sha256, and installs `sb` to /usr/local/bin (or a
# user-writable bin if you don't have sudo).

set -eu

REPO="smashbytelabs/storage"
RELEASES_API="https://api.github.com/repos/${REPO}/releases/latest"
BINARY_NAME="sb"

color() { printf '\033[%sm%s\033[0m\n' "$1" "$2"; }
green()  { color '1;32' "$1"; }
red()    { color '1;31' "$1"; }
yellow() { color '1;33' "$1"; }
dim()    { color '2'    "$1"; }

die() { red "✗ $1" >&2; exit 1; }

green "▶ SmashByte CLI installer"

# 1) Detect platform.
OS="$(uname -s)"
ARCH="$(uname -m)"
TARGET=""
case "$OS" in
  Linux)
    case "$ARCH" in
      x86_64|amd64)  TARGET=x86_64-unknown-linux-gnu ;;
      aarch64|arm64) TARGET=aarch64-unknown-linux-gnu ;;
      *) die "unsupported linux arch: $ARCH" ;;
    esac
    ;;
  Darwin)
    case "$ARCH" in
      x86_64) TARGET=x86_64-apple-darwin ;;
      arm64)  TARGET=aarch64-apple-darwin ;;
      *) die "unsupported macOS arch: $ARCH" ;;
    esac
    ;;
  *)
    die "unsupported OS: $OS — please use the Windows installer or build from source"
    ;;
esac
dim "  target: $TARGET"

# 2) Resolve the latest release tag + binary URL.
TAG=$(curl -fsSL "$RELEASES_API" | grep -m1 '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
[ -n "$TAG" ] || die "couldn't read latest release tag from $RELEASES_API"
dim "  version: $TAG"

BASE_URL="https://github.com/${REPO}/releases/download/${TAG}"
ARCHIVE="sb-${TARGET}.tar.gz"
URL="${BASE_URL}/${ARCHIVE}"
SHA_URL="${URL}.sha256"

# 3) Download to a temp dir.
TMP=$(mktemp -d -t smashbyte.XXXXXX)
trap "rm -rf $TMP" EXIT

dim "  downloading $URL"
curl -fSL --progress-bar "$URL" -o "$TMP/$ARCHIVE" || die "download failed"

# 4) Verify sha256 (best-effort — the release may not always ship it).
if curl -fsSL "$SHA_URL" -o "$TMP/sha256" 2>/dev/null; then
  EXPECT=$(awk '{print $1}' "$TMP/sha256")
  if command -v shasum >/dev/null 2>&1; then
    ACTUAL=$(shasum -a 256 "$TMP/$ARCHIVE" | awk '{print $1}')
  elif command -v sha256sum >/dev/null 2>&1; then
    ACTUAL=$(sha256sum "$TMP/$ARCHIVE" | awk '{print $1}')
  else
    yellow "  (skipping sha256 — no shasum/sha256sum)"
    ACTUAL="$EXPECT"
  fi
  if [ "$ACTUAL" = "$EXPECT" ]; then
    dim "  sha256: verified"
  else
    die "sha256 mismatch — expected $EXPECT, got $ACTUAL"
  fi
fi

# 5) Extract.
( cd "$TMP" && tar -xzf "$ARCHIVE" )

# 6) Install.
INSTALL_DIR=""
if [ -w /usr/local/bin ]; then
  INSTALL_DIR=/usr/local/bin
elif [ "$(id -u)" -eq 0 ]; then
  INSTALL_DIR=/usr/local/bin
elif command -v sudo >/dev/null 2>&1; then
  yellow "  /usr/local/bin needs sudo"
  sudo install -m 755 "$TMP/$BINARY_NAME" /usr/local/bin/$BINARY_NAME
  INSTALL_DIR=/usr/local/bin
else
  # Fallback to ~/.local/bin
  INSTALL_DIR="$HOME/.local/bin"
  mkdir -p "$INSTALL_DIR"
  yellow "  no sudo — installing to $INSTALL_DIR (ensure it's on your PATH)"
fi

if [ -z "${INSTALL_DIR}" ] || [ "$INSTALL_DIR" != "/usr/local/bin" ]; then
  install -m 755 "$TMP/$BINARY_NAME" "$INSTALL_DIR/$BINARY_NAME"
elif [ "$(id -u)" -eq 0 ] || [ -w /usr/local/bin ]; then
  install -m 755 "$TMP/$BINARY_NAME" "/usr/local/bin/$BINARY_NAME"
fi

# 7) Verify.
if command -v $BINARY_NAME >/dev/null 2>&1; then
  green "✓ Installed: $($BINARY_NAME --version)"
  dim "  location: $(command -v $BINARY_NAME)"
  echo
  echo "  Next: $BINARY_NAME login"
else
  yellow "✓ Installed to $INSTALL_DIR/$BINARY_NAME"
  yellow "  Add $INSTALL_DIR to your PATH:"
  yellow "    export PATH=\"\$PATH:$INSTALL_DIR\""
fi