"""
SSH advanced configuration schema.

Integrates provctl-machines capabilities for distributed operations with pooling and circuit breaker.
"""

schema TypesSsh:
    AuthMethod: "password" | "private_key" | "agent"
    DeploymentStrategy: "rolling" | "blue-green" | "canary"
    RetryStrategy: "exponential" | "linear" | "fibonacci"

schema SshAuth:
    """SSH authentication configuration"""
    method: TypesSsh.AuthMethod

    # Password authentication
    password?: str

    # Private key authentication
    key_path?: str
    passphrase?: str

    check:
        (method == "password" and password != None) or \
        (method == "private_key" and key_path != None) or \
        (method == "agent"), \
        "Invalid auth configuration for method"

schema SshConfig:
    """SSH connection configuration"""

    host: str
    port: int = 22
    user: str
    auth: SshAuth

    # Connection timeout in seconds
    timeout_secs: int = 30

    # SSH options (e.g., StrictHostKeyChecking)
    ssh_options?: {str: str}

    check:
        len(host) > 0, "host must not be empty"
        port > 0 and port <= 65535, "port must be 1-65535"
        len(user) > 0, "user must not be empty"
        timeout_secs > 0, "timeout_secs must be positive"

schema SshPool:
    """SSH connection pool configuration"""

    # Pool name
    name: str

    # Hosts in the pool
    hosts: [SshConfig]

    # Pool size (max concurrent connections)
    pool_size: int = 10

    # Idle connection timeout in seconds
    idle_timeout_secs: int = 300

    check:
        len(name) > 0, "name must not be empty"
        len(hosts) >= 0, "hosts must be a valid list"
        pool_size > 0, "pool_size must be positive"

schema DeploymentConfig:
    """SSH-based deployment configuration"""

    # Deployment name
    name: str

    # Target hosts
    hosts: [SshConfig]

    # Deployment strategy
    strategy: TypesSsh.DeploymentStrategy = "rolling"

    # Command to execute
    command: str

    # Retry strategy
    retry: TypesSsh.RetryStrategy = "exponential"
    max_retries: int = 3

    # Parallel execution
    parallel: bool = True

    # Dry-run mode
    check_mode: bool = False

    check:
        len(name) > 0, "name must not be empty"
        len(hosts) > 0, "hosts must not be empty"
        len(command) > 0, "command must not be empty"
        max_retries >= 0, "max_retries must be non-negative"

schema CircuitBreakerConfig:
    """Circuit breaker configuration for SSH operations"""

    # Failure threshold
    failure_threshold: int = 5

    # Success threshold for recovery
    success_threshold: int = 2

    # Timeout in seconds before attempting reset
    reset_timeout_secs: int = 60

    check:
        failure_threshold > 0, "failure_threshold must be positive"
        success_threshold > 0, "success_threshold must be positive"
        reset_timeout_secs > 0, "reset_timeout_secs must be positive"

# Global SSH configuration
ssh_pool_config: SshPool = {
    name = "default"
    hosts = []
    pool_size = 10
    idle_timeout_secs = 300
}

circuit_breaker: CircuitBreakerConfig = {
    failure_threshold = 5
    success_threshold = 2
    reset_timeout_secs = 60
}