name: Update JSON Date via GitHub App

on:
  schedule:
    - cron: "0 */6 * * *"  # Läuft alle 6 Stunden
  workflow_dispatch:

jobs:
  check-open-prs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4

      - name: Install Dependencies
        run: sudo apt update && sudo apt install -y jq

      - name: Authenticate GitHub App
        id: auth
        run: |
          echo "Authenticating GitHub App..."

          HEADER_B64=$(echo -n '{"alg":"RS256","typ":"JWT"}' | openssl base64 -A | tr -d '=' | tr '/+' '_-')
          NOW=$(date +%s)
          EXP=$((NOW + 600))
          PAYLOAD_B64=$(echo -n "{\"iat\":$NOW,\"exp\":$EXP,\"iss\":${{ secrets.JSON_APP_ID }}}" | openssl base64 -A | tr -d '=' | tr '/+' '_-')

          SIGNATURE=$(echo -n "$HEADER_B64.$PAYLOAD_B64" | openssl dgst -sha256 -sign <(echo "${{ secrets.JSON_APP_KEY }}") | openssl base64 -A | tr -d '=' | tr '/+' '_-')

          JWT="$HEADER_B64.$PAYLOAD_B64.$SIGNATURE"

          INSTALLATION_ID=$(curl -s -X GET -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \
            https://api.github.com/app/installations | jq -r '.[0].id')

          ACCESS_TOKEN=$(curl -s -X POST -H "Authorization: Bearer $JWT" -H "Accept: application/vnd.github+json" \
            https://api.github.com/app/installations/$INSTALLATION_ID/access_tokens | jq -r '.token')

          echo "GH_ACCESS_TOKEN=$ACCESS_TOKEN" >> $GITHUB_ENV

      - name: Debug: Anzeigen aller offenen PRs als JSON
        run: |
          echo "Fetching open PRs with full JSON output..."
          gh pr list --state open --json number,headRepository,headRefName > pr_debug.json || echo "Failed to fetch PRs"
          cat pr_debug.json || echo "No PR data"

      - name: Get Open PRs
        run: |
          echo "Fetching open PRs..."
          PRS=$(gh pr list --state open --json number,headRepository,headRefName \
            --jq '[.[] | select(.headRepository.owner.login and .headRepository.name) | {number: .number, repo: (.headRepository.owner.login + "/" + .headRepository.name), branch: .headRefName}]' || echo "")

          if [[ -z "$PRS" || "$PRS" == "[]" ]]; then
            echo "No open PRs found. Debug output:"
            cat pr_debug.json || echo "No PRs available"
            exit 0
          fi

          echo "$PRS" | jq -c '.[]' > pr_list.json
        env:
          GH_TOKEN: ${{ env.GH_ACCESS_TOKEN }}

      - name: Process Each PR
        if: success()
        run: |
          if [[ ! -f "pr_list.json" ]]; then
            echo "pr_list.json not found, skipping PR processing"
            exit 0
          fi

          TODAY=$(date -u +"%Y-%m-%d")

          while read -r PR_ENTRY; do
            if [[ -z "$PR_ENTRY" ]]; then
              echo "Skipping empty PR entry."
              continue
            fi

            PR_NUMBER=$(echo "$PR_ENTRY" | jq -r '.number // empty')
            PR_REPO=$(echo "$PR_ENTRY" | jq -r '.repo // empty')
            PR_BRANCH=$(echo "$PR_ENTRY" | jq -r '.branch // empty')

            if [[ -z "$PR_NUMBER" || -z "$PR_REPO" || -z "$PR_BRANCH" ]]; then
              echo "Skipping invalid PR entry: $PR_ENTRY"
              continue
            fi

            echo "Processing PR #$PR_NUMBER from $PR_REPO:$PR_BRANCH"

            # Fork-Repo klonen
            REPO_URL="https://x-access-token:${{ env.GH_ACCESS_TOKEN }}@github.com/$PR_REPO.git"

            echo "Cloning $REPO_URL"
            git clone --depth=1 "$REPO_URL"
            cd "$(basename "$PR_REPO")" || exit 1

            # Sicherstellen, dass der Branch existiert
            git fetch origin "$PR_BRANCH" || { echo "Branch $PR_BRANCH does not exist in fork. Skipping..."; cd ..; rm -rf "$(basename "$PR_REPO")"; continue; }
            git checkout "$PR_BRANCH"

            # Get newly added JSON files
            NEW_JSON_FILES=$(gh api repos/${{ github.repository }}/pulls/$PR_NUMBER/files \
              --jq '.[].filename' | grep '^json/.*\.json$' || true)

            if [[ -z "$NEW_JSON_FILES" ]]; then
              echo "No new JSON files in PR #$PR_NUMBER"
              cd ..
              rm -rf "$(basename "$PR_REPO")"
              continue
            fi

            UPDATED=false

            for FILE in $NEW_JSON_FILES; do
              if [[ -f "$FILE" ]]; then
                DATE_IN_JSON=$(jq -r '.date_created' "$FILE")

                if [[ "$DATE_IN_JSON" != "$TODAY" ]]; then
                  echo "Updating $FILE: $DATE_IN_JSON -> $TODAY"
                  jq --arg date "$TODAY" '.date_created = $date' "$FILE" > tmp.json && mv tmp.json "$FILE"
                  UPDATED=true
                fi
              else
                echo "File $FILE not found in the forked repo"
              fi
            done

            if [[ "$UPDATED" == "true" ]]; then
              git config --global user.name "github-actions[bot]"
              git config --global user.email "github-actions[bot]@users.noreply.github.com"
              git commit -am "Update date_created in new JSON files"
              git push origin "$PR_BRANCH"
              echo "Updated PR #$PR_NUMBER and pushed changes."
            else
              echo "No updates needed for PR #$PR_NUMBER"
            fi

            cd ..
            rm -rf "$(basename "$PR_REPO")"
          done < pr_list.json
        env:
          GH_TOKEN: ${{ env.GH_ACCESS_TOKEN }}