#!/usr/bin/env bash
# Ordered VLAN segmentation checklist (operator log). Does NOT configure UDM/Proxmox.
# Usage: ./scripts/it-ops/vlan-segmentation-ordered-checklist.sh [--apply]
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
STATE_DIR="${PROJECT_ROOT}/reports/status"
STATE_FILE="${STATE_DIR}/vlan_segmentation_checklist_state.json"
APPLY=false
[[ "${1:-}" == "--apply" ]] && APPLY=true

STEPS=(
  "1_oob_ipmi:Out-of-band / IPMI (if any)"
  "2_tenant_vlans_200plus:Tenant-facing VLANs 200+"
  "3_besu_validators_rpc:Besu validators and RPC"
  "4_sankofa_app_tier:Sankofa app tier (portal, Keycloak, NPM upstreams)"
)

mkdir -p "$STATE_DIR"
TS="$(date -u +%Y-%m-%dT%H:%M:%SZ)"

if ! command -v python3 &>/dev/null; then
  echo "python3 required" >&2
  exit 1
fi

python3 - "$STATE_FILE" "$TS" "$APPLY" "${STEPS[@]}" <<'PY'
import json
import sys
from pathlib import Path

path = Path(sys.argv[1])
ts = sys.argv[2]
apply = str(sys.argv[3]).lower() == "true"
raw_steps = sys.argv[4:]
steps = []
for s in raw_steps:
    if ":" in s:
        sid, title = s.split(":", 1)
        steps.append({"id": sid, "title": title})

data = {"updated_at": ts, "steps": steps, "completed": {}}
if path.is_file():
    try:
        old = json.loads(path.read_text(encoding="utf-8"))
        if isinstance(old.get("completed"), dict):
            data["completed"] = old["completed"]
    except json.JSONDecodeError:
        pass

print("VLAN segmentation — ordered checklist (spec order)\n")
for st in steps:
    cid = st["id"]
    done = data["completed"].get(cid)
    mark = "✓" if done else " "
    print(f"  [{mark}] {cid}: {st['title']}")
    if done:
        print(f"        completed_at: {done}")

if not apply:
    print("\nDry-run only. Re-run with --apply after completing each wave (updates state file).")
    path.write_text(json.dumps(data, indent=2), encoding="utf-8")
    sys.exit(0)

print("\n--apply: mark steps complete interactively (empty line to skip).")
for st in steps:
    cid = st["id"]
    if data["completed"].get(cid):
        continue
    try:
        ans = input(f"Mark '{cid}' complete now? [y/N]: ").strip().lower()
    except EOFError:
        break
    if ans in ("y", "yes"):
        data["completed"][cid] = ts

path.write_text(json.dumps(data, indent=2), encoding="utf-8")
print(f"Wrote {path}")
PY