TAILWIND_VERSION := v4.1.18
TAILWIND         := ./bin/tailwindcss
SOPS_DOTENV      := sops --input-type dotenv --output-type dotenv

.PHONY: help dev init-landing-seeds css-build css-watch \
        secrets-decrypt-dev secrets-decrypt-prod \
        secrets-edit-dev secrets-edit-prod \
        secrets-encrypt-dev secrets-encrypt-prod \
        secrets-updatekeys-prod

help:
	@echo "Available targets:"
	@echo "  dev                    Start full dev environment (reset DB, migrate, seed, app + worker + CSS watcher)"
	@echo "  init-landing-seeds     Create seed landing files for SQLMesh (run once after clone)"
	@echo "  css-build              Build + minify Tailwind CSS"
	@echo "  css-watch              Watch + rebuild Tailwind CSS"
	@echo "  secrets-decrypt-dev    Decrypt .env.dev.sops → .env"
	@echo "  secrets-decrypt-prod   Decrypt .env.prod.sops → .env"
	@echo "  secrets-edit-dev       Edit .env.dev.sops in \$$EDITOR"
	@echo "  secrets-edit-prod      Edit .env.prod.sops in \$$EDITOR"
	@echo "  secrets-encrypt-dev    Encrypt .env (plaintext) → .env.dev.sops"
	@echo "  secrets-encrypt-prod   Encrypt .env (plaintext) → .env.prod.sops"
	@echo "  secrets-updatekeys-prod  Re-encrypt .env.prod.sops for all keys in .sops.yaml"

# ── Dev environment ───────────────────────────────────────────────────────────

dev:
	@./web/scripts/dev_run.sh

# ── Landing seeds ─────────────────────────────────────────────────────────────
# Create seed files for SQLMesh staging models that require at least one landing file.
# Run once after a fresh clone (data/ is gitignored so seeds are not in git).

init-landing-seeds:
	@uv run python web/scripts/init_landing_seeds.py

# ── CSS ───────────────────────────────────────────────────────────────────────

bin/tailwindcss:
	@mkdir -p bin
	curl -sLo bin/tailwindcss https://github.com/tailwindlabs/tailwindcss/releases/download/$(TAILWIND_VERSION)/tailwindcss-linux-x64
	chmod +x bin/tailwindcss

css-build: bin/tailwindcss
	$(TAILWIND) -i web/src/padelnomics/static/css/input.css -o web/src/padelnomics/static/css/output.css --minify

css-watch: bin/tailwindcss
	$(TAILWIND) -i web/src/padelnomics/static/css/input.css -o web/src/padelnomics/static/css/output.css --watch

# ── Secrets (SOPS + age) ─────────────────────────────────────────────────────
# Requires: sops (https://github.com/getsops/sops) + age (https://github.com/FiloSottile/age)
# Keys config: .sops.yaml
# .env.*.sops files use dotenv format but sops can't infer from the extension,
# so we pass --input-type / --output-type explicitly.
# Encrypted files are safe to commit to git.

secrets-decrypt-dev:
	$(SOPS_DOTENV) --decrypt .env.dev.sops > .env
	@echo "Decrypted .env.dev.sops → .env"

secrets-decrypt-prod:
	$(SOPS_DOTENV) --decrypt .env.prod.sops > .env
	@echo "Decrypted .env.prod.sops → .env"

secrets-edit-dev:
	$(SOPS_DOTENV) .env.dev.sops

secrets-edit-prod:
	$(SOPS_DOTENV) .env.prod.sops

secrets-encrypt-dev:
	$(SOPS_DOTENV) --encrypt --in-place .env.dev.sops
	@echo "Encrypted .env.dev.sops (commit this file)"

secrets-encrypt-prod:
	$(SOPS_DOTENV) --encrypt --in-place .env.prod.sops
	@echo "Encrypted .env.prod.sops (commit this file)"

secrets-updatekeys-prod:
	sops updatekeys --input-type dotenv .env.prod.sops