import os
import requests
from typing import Dict, List

GITEA_API_URL = os.getenv("GITEA_API_URL")
GITEA_TOKEN = os.getenv("GITEA_TOKEN")
ORGANIZATION = "Timmy_Foundation"
REPOSITORIES = ["hermes-agent", "the-nexus", "timmy-home", "timmy-config"]

BRANCH_PROTECTION = {
    "required_pull_request_reviews": {
        "dismiss_stale_reviews": True,
        "required_approving_review_count": 1
    },
    "required_status_checks": {
        "strict": True,
        "contexts": ["ci/cd", "lint", "security"]
    },
    "enforce_admins": True,
    "restrictions": {
        "team_whitelist": ["maintainers"],
        "app_whitelist": []
    },
    "block_force_push": True,
    "block_deletions": True
}

def apply_protection(repo: str):
    url = f"{GITEA_API_URL}/repos/{ORGANIZATION}/{repo}/branches/main/protection"
    headers = {
        "Authorization": f"token {GITEA_TOKEN}",
        "Content-Type": "application/json"
    }
    response = requests.post(url, json=BRANCH_PROTECTION, headers=headers)
    if response.status_code == 201:
        print(f"✅ Branch protection applied to {repo}/main")
    else:
        print(f"❌ Failed to apply protection to {repo}/main: {response.text}")

if __name__ == "__main__":
    for repo in REPOSITORIES:
        apply_protection(repo)