provisioning/scripts/init-nickel-repos.nu

#!/usr/bin/env nu
# Initialize Nickel schema and config repos
# REQUIRES: .env loaded before execution
# Usage: source .env && nu provisioning/scripts/init-nickel-repos.nu

# Constants
let git_org = "provisioning"
let repos = ["provisioning-schemas", "provisioning-configs"]
let tmp_dir = $env.TMPDIR? | default "/tmp"

# Verify required env vars
if ($env.GITREPO_URL? | is-empty) {
  print "❌ Missing GITREPO_URL in environment"
  exit 1
}

if ($env.GITREPO_TOKEN? | is-empty) {
  print "❌ Missing GITREPO_TOKEN in environment"
  exit 1
}

if ($env.GITREPO_USER? | is-empty) {
  print "❌ Missing GITREPO_USER in environment"
  exit 1
}

print "🔧 Initializing Nickel repos"
print $"   Git URL: ($env.GITREPO_URL)"
print $"   Organization: ($git_org)"
print $"   Repos: ($repos | str join ', ')"
print ""

# ============================================================================
# Ensure organization exists
# ============================================================================

def ensure-org [] {
  let org = "provisioning"
  print $"📦 Ensuring organization '($org)' exists..."

  let check = (curl -s -H $"Authorization: token ($env.GITREPO_TOKEN)" $"($env.GITREPO_URL)/api/v1/orgs/($org)" --output /dev/null -w "%{http_code}")

  if $check != "200" {
    print "   Creating organization..."
    curl -s -X POST -H $"Authorization: token ($env.GITREPO_TOKEN)" -H "Content-Type: application/json" -d '{"username":"provisioning","full_name":"Provisioning"}' $"($env.GITREPO_URL)/api/v1/user/orgs" > /dev/null
    print "   ✓ Created"
  } else {
    print "   ✓ Already exists"
  }
}

# ============================================================================
# Ensure repository exists
# ============================================================================

def ensure-repo [repo: string] {
  let org = "provisioning"
  print $"📝 Ensuring repo: ($repo)"

  let check = (curl -s -H $"Authorization: token ($env.GITREPO_TOKEN)" $"($env.GITREPO_URL)/api/v1/repos/($org)/($repo)" --output /dev/null -w "%{http_code}")

  if $check != "200" {
    print "   Creating..."
    let json_data = {name: $repo, description: $"Provisioning ($repo)", auto_init: true, private: false}
    curl -s -X POST -H $"Authorization: token ($env.GITREPO_TOKEN)" -H "Content-Type: application/json" -d ($json_data | to json) $"($env.GITREPO_URL)/api/v1/orgs/($org)/repos" out+err> /dev/null
    print "   ✓ Created"
  } else {
    print "   ✓ Already exists"
  }
}

# ============================================================================
# Sync schemas repository
# ============================================================================

def sync-schemas [] {
  let repo = "provisioning-schemas"
  let org = "provisioning"
  let repo_dir = $"($tmp_dir)/nickel-repos-init/($repo)"
  let clone_url = $"http://($env.GITREPO_USER):($env.GITREPO_TOKEN)@localhost:3000/($org)/($repo).git"

  print ""
  print $"📂 Syncing ($repo)..."

  mkdir -v $repo_dir

  if ($repo_dir | path exists) {
    cd $repo_dir
    git pull origin main out+err> /dev/null
    cd -
  } else {
    git clone $clone_url $repo_dir out+err> /dev/null
  }

  # Create directories
  mkdir -v $"($repo_dir)/platform/services"
  mkdir -v $"($repo_dir)/platform/defaults/deployment"
  mkdir -v $"($repo_dir)/platform/common"

  # VERSION
  "1.0.0" | save -f $"($repo_dir)/VERSION"

  # Types
  '{
  Hostname = String,
  Port = Number,
  Url = String,
  LogLevel = [| "trace", "debug", "info", "warn", "error" |],
}' | save -f $"($repo_dir)/platform/common/types.ncl"

  # Helpers
  '{
  compose_config = fun defaults mode user_overrides =>
    let merge = fun a b =>
      if (std.record.is_record a) and (std.record.is_record b) then
        a | std.record.merge b else b
    in merge (merge defaults mode) user_overrides,
}' | save -f $"($repo_dir)/platform/common/helpers.ncl"

  # Orchestrator service
  '{
  service = {name = "orchestrator", version = "4.0.0"},
  enabled = true,
  server = {host = "127.0.0.1", port = 9090, workers = 4},
  database = {url = "ws://127.0.0.1:8000", namespace = "provisioning", database = "orchestrator"},
  queue = {max_concurrent_tasks = 5, retry_attempts = 3},
  mode = {deployment = "local"},
  logging = {level = "info", format = "compact"},
}' | save -f $"($repo_dir)/platform/services/orchestrator.ncl"

  # Vault service
  '{
  service = {name = "vault-service", version = "1.0.0"},
  enabled = true,
  server = {host = "127.0.0.1", port = 8082, workers = 2},
  database = {url = "ws://127.0.0.1:8000", namespace = "provisioning", database = "vault"},
  backend = {backend_type = "secretum-vault", secretum_vault = {binary_path = "~/.local/bin/svault"}},
  mode = {deployment = "local"},
  logging = {level = "info", format = "compact"},
}' | save -f $"($repo_dir)/platform/services/vault-service.ncl"

  # Local defaults
  '{
  server = {host = "127.0.0.1", workers = 2},
  database = {url = "ws://127.0.0.1:8000"},
  mode = {deployment = "local"},
  logging = {level = "debug", format = "compact"},
}' | save -f $"($repo_dir)/platform/defaults/deployment/local.ncl"

  # README
  '# Provisioning Schemas

Nickel schema definitions for provisioning platform services.

## Structure
- `platform/services/` - Service definitions
- `platform/defaults/deployment/` - Deployment mode defaults
- `platform/common/` - Shared types and helpers' | save -f $"($repo_dir)/README.md"

  # Commit
  cd $repo_dir
  git add .
  git commit -m "Initial schema structure" --allow-empty out+err> /dev/null
  git push -u origin main out+err> /dev/null
  cd -

  print "   ✓ Synced"
}

# ============================================================================
# Sync configs repository
# ============================================================================

def sync-configs [] {
  let repo = "provisioning-configs"
  let org = "provisioning"
  let repo_dir = $"($tmp_dir)/nickel-repos-init/($repo)"
  let clone_url = $"http://($env.GITREPO_USER):($env.GITREPO_TOKEN)@localhost:3000/($org)/($repo).git"

  print ""
  print $"📂 Syncing ($repo)..."

  mkdir -v $repo_dir

  if ($repo_dir | path exists) {
    cd $repo_dir
    git pull origin main out+err> /dev/null
    cd -
  } else {
    git clone $clone_url $repo_dir out+err> /dev/null
  }

  # Local config
  '{
  enabled_services = ["orchestrator", "vault_service"],

  orchestrator = {
    service = {name = "orchestrator", version = "4.0.0"},
    enabled = true,
    server = {host = "127.0.0.1", port = 9090, workers = 4},
    database = {url = "ws://127.0.0.1:8000", namespace = "provisioning", database = "orchestrator"},
    mode = {deployment = "local"},
    logging = {level = "debug", format = "compact"},
  },

  vault_service = {
    service = {name = "vault-service", version = "1.0.0"},
    enabled = true,
    server = {host = "127.0.0.1", port = 8082, workers = 2},
    database = {url = "ws://127.0.0.1:8000", namespace = "provisioning", database = "vault"},
    backend = {backend_type = "secretum-vault", secretum_vault = {binary_path = "~/.local/bin/svault"}},
    mode = {deployment = "local"},
    logging = {level = "info", format = "compact"},
  },
}' | save -f $"($repo_dir)/local.ncl"

  # README
  '# Provisioning Configs

Environment-specific configurations for provisioning services.

## Files
- `local.ncl` - Local development
- `staging.ncl` - Staging (future)
- `production.ncl` - Production (future)' | save -f $"($repo_dir)/README.md"

  # Commit
  cd $repo_dir
  git add .
  git commit -m "Initial configuration structure" --allow-empty out+err> /dev/null
  git push -u origin main out+err> /dev/null
  cd -

  print "   ✓ Synced"
}

# ============================================================================
# Main execution
# ============================================================================

ensure-org
$repos | each { |repo| ensure-repo $repo }
sync-schemas
sync-configs

print ""
print "✅ Done!"
print ""
print "📍 Repos:"
print $"   Schemas: ($env.GITREPO_URL)/($git_org)/provisioning-schemas"
print $"   Configs: ($env.GITREPO_URL)/($git_org)/provisioning-configs"
print ""
print "📁 Local: ($tmp_dir)/nickel-repos-init/"
print ""