#!/usr/bin/env bash
# Install deploy-only GitHub Actions workflow (Phase 1 — no ProxyHawk Guard).
#
#   curl -fsSL https://proxyhawk.io/guard-ci/install-deploy.sh | bash
#
set -euo pipefail

BASE="${PROXYHAWK_GUARD_CI_BASE:-https://proxyhawk.io/guard-ci}"
WF=".github/workflows"

mkdir -p "$WF"

for f in deploy-wait.yml deploy.yml; do
  echo "→ $WF/$f"
  curl -fsSL "${BASE}/workflows/${f}" -o "${WF}/${f}"
done

cat <<'EOF'

✓ Installed deploy-only workflow files (no Guard).

NEXT STEPS:
  1. Add .github/workflows/ci.yml — test + deploy-staging calling deploy-wait.yml
     Template: https://proxyhawk.io/guard-ci/ci-deploy-only.example.yml
     (or copy ci-deploy-only.example.yml from ProxyHawk repo)

  2. GitHub Variables: STAGING_API_URL, STAGING_DEPLOY_PLATFORM
     GitHub Secret:   STAGING_DEPLOY_HOOK

  3. Host: Auto-Deploy OFF, health endpoint must return gitSha

  4. git add .github/workflows/ && git commit && git push

Phase 2 (Guard): https://proxyhawk.io/docs/guard-ci-existing-pipeline.html
EOF