#!/usr/bin/env bash
# Snapshot loader for nightly-snapshot-check.yml
# 临时拉起 PostgreSQL → 加载生产脱敏快照 → 跑 L1c → cleanup
#
# Usage:
#   bash scripts/ops/snapshot-loader.sh load     # 拉起 + 加载快照
#   bash scripts/ops/snapshot-loader.sh cleanup  # 销毁临时 DB
#
# 环境变量：
#   SNAPSHOT_S3_URL          脱敏快照在对象存储中的位置
#   SNAPSHOT_DECRYPT_KEY     解密密钥（如有）
#   SNAPSHOT_DB_PORT         临时 DB 端口（默认 55432，避开常规 5432）

set -euo pipefail

ACTION="${1:-}"
SNAPSHOT_DB_NAME="${SNAPSHOT_DB_NAME:-ffoa_snapshot_check}"
SNAPSHOT_DB_PORT="${SNAPSHOT_DB_PORT:-55432}"
CONTAINER="ffoa-snapshot-check-pg"

case "$ACTION" in
  load)
    if [[ -z "${SNAPSHOT_S3_URL:-}" ]]; then
      echo "❌ SNAPSHOT_S3_URL 未设置" >&2
      exit 1
    fi

    # 1. 启动临时 PostgreSQL container
    echo "[1/4] 启动临时 PostgreSQL ($CONTAINER, port $SNAPSHOT_DB_PORT)"
    docker run -d --name "$CONTAINER" \
      -e POSTGRES_PASSWORD=snapshot \
      -e POSTGRES_DB="$SNAPSHOT_DB_NAME" \
      -p "$SNAPSHOT_DB_PORT:5432" \
      postgres:15

    # 等待 ready
    for i in $(seq 1 30); do
      if docker exec "$CONTAINER" pg_isready -U postgres >/dev/null 2>&1; then
        break
      fi
      sleep 1
    done

    # 2. 下载脱敏快照
    echo "[2/4] 下载脱敏快照 from $SNAPSHOT_S3_URL"
    SNAPSHOT_FILE=$(mktemp /tmp/snapshot.XXXXXX.sql.gz)
    # TODO: 替换为实际下载方式（aws s3 cp / curl / mc cp）
    echo "  TODO: 实现快照下载，当前为占位"
    # aws s3 cp "$SNAPSHOT_S3_URL" "$SNAPSHOT_FILE"

    # 3. 解密（如有）
    if [[ -n "${SNAPSHOT_DECRYPT_KEY:-}" ]]; then
      echo "[3/4] 解密快照"
      # TODO: openssl decrypt
    fi

    # 4. 加载到临时 DB
    echo "[4/4] 加载快照到 $SNAPSHOT_DB_NAME"
    # gunzip -c "$SNAPSHOT_FILE" | docker exec -i "$CONTAINER" psql -U postgres -d "$SNAPSHOT_DB_NAME"

    SNAPSHOT_DATABASE_URL="postgresql://postgres:snapshot@localhost:$SNAPSHOT_DB_PORT/$SNAPSHOT_DB_NAME"
    echo "✅ Snapshot loaded. DATABASE_URL=$SNAPSHOT_DATABASE_URL"
    # CI 上下文：导出给后续 step 用（Gitea Actions / GitHub Actions 都识别 GITHUB_ENV）
    if [[ -n "${GITHUB_ENV:-}" && -w "${GITHUB_ENV}" ]]; then
      echo "DATABASE_URL=${SNAPSHOT_DATABASE_URL}" >> "${GITHUB_ENV}"
      echo "(written to GITHUB_ENV for subsequent steps)"
    fi
    ;;

  cleanup)
    echo "Cleaning up snapshot container"
    docker rm -f "$CONTAINER" >/dev/null 2>&1 || true
    rm -f /tmp/snapshot.*.sql.gz 2>/dev/null || true
    echo "✅ Cleanup done"
    ;;

  *)
    echo "Usage: $0 <load|cleanup>" >&2
    exit 2
    ;;
esac