#!/bin/bash

# Health Check Script
# Comprehensive system health verification

set -e

BASE_URL="http://localhost:9876"
BLOSSOM_URL="http://localhost:8081"
GRAFANA_URL="http://localhost:3000"
PROMETHEUS_URL="http://localhost:9090"

echo "🏥 Torrent Gateway Health Check"
echo "================================"

TOTAL_CHECKS=0
PASSED_CHECKS=0
FAILED_CHECKS=0

# Function to run a health check
check_health() {
    local name="$1"
    local test_command="$2"
    
    TOTAL_CHECKS=$((TOTAL_CHECKS + 1))
    echo -n "🔍 $name... "
    
    if eval "$test_command" >/dev/null 2>&1; then
        echo "✅ PASS"
        PASSED_CHECKS=$((PASSED_CHECKS + 1))
        return 0
    else
        echo "❌ FAIL"
        FAILED_CHECKS=$((FAILED_CHECKS + 1))
        return 1
    fi
}

# Basic connectivity checks
echo "🌐 Connectivity Checks"
echo "---------------------"

check_health "Gateway API Health" "curl -sf $BASE_URL/api/health"
check_health "Gateway API Stats" "curl -sf $BASE_URL/api/stats"
check_health "Blossom Server Health" "curl -sf $BLOSSOM_URL/health"
check_health "Admin Page Accessible" "curl -sf $BASE_URL/admin"

echo ""

# Authentication checks
echo "🔐 Authentication Checks"
echo "-----------------------"

check_health "Auth Challenge Generation" "curl -sf $BASE_URL/api/auth/challenge | grep -q challenge"
check_health "Protected Endpoint Security" "[ \$(curl -sw '%{http_code}' $BASE_URL/api/users/me/files) = '401' ]"
check_health "Admin Endpoint Protection" "[ \$(curl -sw '%{http_code}' $BASE_URL/api/admin/stats) = '401' ]"

echo ""

# Database checks
echo "🗄️  Database Checks"
echo "------------------"

if [ -f "data/metadata.db" ]; then
    check_health "Database File Exists" "[ -f data/metadata.db ]"
    check_health "Database Readable" "sqlite3 data/metadata.db 'SELECT COUNT(*) FROM files;'"
    check_health "Database Schema Valid" "sqlite3 data/metadata.db '.schema files' | grep -q 'CREATE TABLE'"
else
    echo "⚠️  Database file not found: data/metadata.db"
    FAILED_CHECKS=$((FAILED_CHECKS + 3))
    TOTAL_CHECKS=$((TOTAL_CHECKS + 3))
fi

echo ""

# Storage checks
echo "💾 Storage Checks"
echo "----------------"

check_health "Data Directory Exists" "[ -d data ]"
check_health "Blob Storage Directory" "[ -d data/blobs ]"
check_health "Chunk Storage Directory" "[ -d data/chunks ]"
check_health "Storage Writable" "touch data/health_check_test && rm -f data/health_check_test"

echo ""

# Service checks
echo "🚀 Service Checks"
echo "----------------"

if command -v docker-compose >/dev/null 2>&1; then
    check_health "Docker Compose Available" "docker-compose --version"
    
    # Check if services are running
    if [ -f "docker-compose.prod.yml" ]; then
        check_health "Gateway Container Running" "docker-compose -f docker-compose.prod.yml ps gateway | grep -q Up"
        check_health "Redis Container Running" "docker-compose -f docker-compose.prod.yml ps redis | grep -q Up"
        check_health "Prometheus Container Running" "docker-compose -f docker-compose.prod.yml ps prometheus | grep -q Up"
    fi
else
    echo "⚠️  Docker Compose not available"
fi

echo ""

# Performance checks
echo "⚡ Performance Checks"
echo "-------------------"

# Response time check
RESPONSE_TIME=$(curl -sf -w "%{time_total}" $BASE_URL/api/health -o /dev/null)
check_health "Response Time < 1s" "[ \$(echo \"$RESPONSE_TIME < 1.0\" | bc) -eq 1 ]"

# Memory usage check (if running in Docker)
if docker ps --format "table {{.Names}}" | grep -q gateway; then
    MEMORY_USAGE=$(docker stats --no-stream --format "{{.MemUsage}}" | head -n1 | cut -d'/' -f1 | sed 's/MiB//')
    if [ -n "$MEMORY_USAGE" ]; then
        check_health "Memory Usage < 1GB" "[ \$(echo \"$MEMORY_USAGE < 1024\" | bc) -eq 1 ]"
    fi
fi

echo ""

# API endpoint checks
echo "🔌 API Endpoint Checks"
echo "---------------------"

# Test each major endpoint
ENDPOINTS=(
    "/api/health:GET"
    "/api/stats:GET"
    "/api/auth/challenge:GET"
    "/api/files:GET"
)

for endpoint_method in "${ENDPOINTS[@]}"; do
    endpoint=$(echo "$endpoint_method" | cut -d: -f1)
    method=$(echo "$endpoint_method" | cut -d: -f2)
    
    case $method in
        GET)
            check_health "$(basename "$endpoint") endpoint" "curl -sf $BASE_URL$endpoint"
            ;;
        POST)
            check_health "$(basename "$endpoint") endpoint" "[ \$(curl -sw '%{http_code}' -X POST $BASE_URL$endpoint) != '404' ]"
            ;;
    esac
done

echo ""

# Monitoring checks (if enabled)
echo "📊 Monitoring Checks"
echo "-------------------"

if curl -sf "$PROMETHEUS_URL" >/dev/null 2>&1; then
    check_health "Prometheus Accessible" "curl -sf $PROMETHEUS_URL"
    check_health "Prometheus Targets" "curl -sf $PROMETHEUS_URL/api/v1/targets | grep -q torrent-gateway"
else
    echo "ℹ️  Prometheus not running (optional)"
fi

if curl -sf "$GRAFANA_URL" >/dev/null 2>&1; then
    check_health "Grafana Accessible" "curl -sf $GRAFANA_URL"
else
    echo "ℹ️  Grafana not running (optional)"
fi

echo ""

# Security checks
echo "🔒 Security Checks"
echo "-----------------"

check_health "No Default Passwords" "! grep -r 'password.*admin' configs/ || true"
check_health "HTTPS Headers Present" "curl -sf $BASE_URL/api/health -I | grep -qi 'x-content-type-options'"

echo ""

# Summary
echo "📊 Health Check Summary"
echo "======================"
echo "Total checks: $TOTAL_CHECKS"
echo "Passed:       $PASSED_CHECKS"
echo "Failed:       $FAILED_CHECKS"
echo "Success rate: $(echo "scale=1; $PASSED_CHECKS * 100 / $TOTAL_CHECKS" | bc -l)%"

if [ $FAILED_CHECKS -eq 0 ]; then
    echo ""
    echo "🎉 All health checks passed!"
    echo "✅ System is healthy and ready for production"
    exit 0
else
    echo ""
    echo "⚠️  Some health checks failed"
    echo "🔧 Please investigate and fix issues before proceeding"
    exit 1
fi