#!/usr/bin/env bash
# Env check for L4 deploy-pre stage
# 验证环境变量必填项 + DB/Redis/MQ/外部 API 连通性
#
# Usage: bash scripts/ops/env-check.sh <env>
#   env: uat | production

set -euo pipefail

ENV="${1:-}"
if [[ -z "$ENV" ]]; then
  echo "Usage: $0 <uat|production>" >&2
  exit 2
fi

case "$ENV" in
  uat)        ENV_FILE=".env.uat" ;;
  production) ENV_FILE=".env.pro" ;;
  *) echo "Unknown env: $ENV" >&2; exit 2 ;;
esac

if [[ ! -f "$ENV_FILE" ]]; then
  echo "❌ $ENV_FILE not found" >&2
  exit 1
fi

# 加载 env file
set -a
# shellcheck disable=SC1090
source "$ENV_FILE"
set +a

REQUIRED_VARS=(
  DATABASE_URL
  JWT_SECRET
  # TODO: 补充本项目实际必填项
  # REDIS_URL
  # MQ_URL
  # 第三方 API key
)

PASS=0
FAIL=0

check_var() {
  local name="$1"
  echo -n "  [$name] ... "
  if [[ -n "${!name:-}" ]]; then
    echo "✅ set"
    PASS=$((PASS+1))
  else
    echo "❌ MISSING"
    FAIL=$((FAIL+1))
  fi
}

check_conn() {
  local name="$1"
  local cmd="$2"
  echo -n "  [conn: $name] ... "
  if eval "$cmd" >/dev/null 2>&1; then
    echo "✅ reachable"
    PASS=$((PASS+1))
  else
    echo "❌ UNREACHABLE"
    FAIL=$((FAIL+1))
  fi
}

echo "=== Env check: $ENV ==="
echo "[Required vars]"
for v in "${REQUIRED_VARS[@]}"; do
  check_var "$v"
done

echo ""
echo "[Connectivity]"
# DB 连通性：用 nc -z（默认装），不用 pg_isready（生产/UAT 服务器无 postgresql-client）
# 见 issue #190
if [[ -n "${DATABASE_URL:-}" ]]; then
  DB_HOST=$(echo "$DATABASE_URL" | sed -n 's|.*@\([^:/]*\).*|\1|p')
  DB_PORT=$(echo "$DATABASE_URL" | sed -n 's|.*@[^:]*:\([0-9]*\)/.*|\1|p')
  DB_PORT="${DB_PORT:-5432}"
  check_conn "DB $DB_HOST:$DB_PORT" "nc -z -w 2 '$DB_HOST' '$DB_PORT'"
fi

# TODO: Redis / MQ / 第三方 API 连通性

echo ""
echo "Result: $PASS passed, $FAIL failed"
[[ $FAIL -eq 0 ]] || exit 1