#!/usr/bin/env bash
set -euo pipefail

TARGET_DIR="${1:-.}"
OUTPUT_DIR="${2:-tests/reports/agents}"
mkdir -p "$OUTPUT_DIR"
SUMMARY_FILE="$OUTPUT_DIR/ssh_scripts_agent.md"
source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/common.sh" || true

echo "# Agent SSH & scripts" > "$SUMMARY_FILE"
echo >> "$SUMMARY_FILE"

pushd "$TARGET_DIR" >/dev/null
if [[ "$SCOPE" == "changed" ]]; then
  relevant=(scripts/auto-ssh-push.sh scripts/init-ssh-env.sh scripts/setup-ssh-ci.sh docs/SSH_UPDATE.md)
  any=0; for p in "${relevant[@]}"; do if [[ -e "$p" ]] && is_path_changed "$p"; then any=1; break; fi; done
  if [[ $any -eq 0 ]]; then echo "- Aucun changement SSH/scripts pertinent (SCOPE=changed)." >> "$SUMMARY_FILE"; echo "Rapport: $SUMMARY_FILE"; popd >/dev/null; exit 0; fi
fi
paths=(
  scripts/auto-ssh-push.sh
  scripts/init-ssh-env.sh
  scripts/setup-ssh-ci.sh
  scripts/scripts/auto-ssh-push.sh
  scripts/scripts/init-ssh-env.sh
  scripts/scripts/setup-ssh-ci.sh
)

found=0
for p in "${paths[@]}"; do
  if [[ -f "$p" ]]; then echo "- Trouvé: $p" >> "$SUMMARY_FILE"; found=1; fi
done
if [[ $found -eq 0 ]]; then echo "- Scripts SSH standard introuvables (vérifier l’arborescence)." >> "$SUMMARY_FILE"; fi

if [[ -f docs/SSH_UPDATE.md ]]; then echo "- docs/SSH_UPDATE.md présent." >> "$SUMMARY_FILE"; fi

PROMPT=$(cat <<'EOF'
Propose une checklist de conformité SSH (permissions, secrets CI, idempotence, journalisation non sensible) et intégration de contrôles CI.
EOF
)
scripts/agents/ai_prompt.sh "$PROMPT" >> "$SUMMARY_FILE" || true

echo "Rapport: $SUMMARY_FILE"
popd >/dev/null