#!/bin/bash
# Environment Variable Diagnostic Script
# This script helps identify where environment variables are getting lost

set -e

echo "🔍 Environment Variable Diagnostic Script"
echo "=========================================="

# Check if .env file exists and contains JWT settings
echo "📋 Step 1: Checking .env file..."
if [ -f ".env" ]; then
    echo "✅ .env file exists"
    if grep -q "JWT_SECRET_KEY" .env; then
        JWT_VALUE=$(grep "JWT_SECRET_KEY" .env | cut -d'=' -f2-)
        echo "✅ JWT_SECRET_KEY found in .env: ${JWT_VALUE:0:30}..."
    else
        echo "❌ JWT_SECRET_KEY not found in .env"
    fi
else
    echo "❌ .env file does not exist"
fi

echo ""

# Check docker-compose.yml configuration
echo "📋 Step 2: Checking docker-compose.yml..."
if grep -A 20 "auth-service:" docker-compose.yml | grep -q "JWT_SECRET_KEY"; then
    echo "✅ auth-service has JWT_SECRET_KEY in docker-compose.yml"
else
    echo "❌ auth-service missing JWT_SECRET_KEY in docker-compose.yml"
fi

echo ""

# Check if services are running
echo "📋 Step 3: Checking running services..."
AUTH_RUNNING=$(docker-compose ps auth-service | grep -c "Up" || echo "0")
GATEWAY_RUNNING=$(docker-compose ps gateway | grep -c "Up" || echo "0")

echo "Auth Service Running: $AUTH_RUNNING"
echo "Gateway Running: $GATEWAY_RUNNING"

echo ""

# Check environment at container startup
echo "📋 Step 4: Checking container environment at startup..."
echo "Starting fresh auth-service container..."

# Stop and start auth service
docker-compose stop auth-service
sleep 2

# Start auth service and immediately check environment
echo "Starting auth-service..."
docker-compose up -d auth-service

# Wait a moment for startup
sleep 3

echo "Checking environment immediately after startup..."
STARTUP_ENV=$(docker-compose exec -T auth-service env | grep JWT_SECRET_KEY || echo "NOT_SET")
echo "Startup Environment: $STARTUP_ENV"

# Wait a bit more and check again
sleep 5
echo "Checking environment after 5 seconds..."
AFTER_STARTUP=$(docker-compose exec -T auth-service env | grep JWT_SECRET_KEY || echo "NOT_SET")
echo "After Startup: $AFTER_STARTUP"

echo ""

# Check if the application is overriding environment variables
echo "📋 Step 5: Checking application configuration loading..."

# Create a temporary script to check Python environment loading
cat > /tmp/check_env.py << 'EOF'
import os
import sys
sys.path.insert(0, '/app')

print("=== Python Environment Check ===")
print(f"JWT_SECRET_KEY from os.getenv: {os.getenv('JWT_SECRET_KEY', 'NOT_SET')}")

try:
    from app.core.config import settings
    print(f"JWT_SECRET_KEY from settings: {getattr(settings, 'JWT_SECRET_KEY', 'NOT_SET')}")
    
    # Check if settings inherits from base
    try:
        from shared.config.base import BaseServiceSettings
        base_settings = BaseServiceSettings()
        print(f"JWT_SECRET_KEY from base settings: {getattr(base_settings, 'JWT_SECRET_KEY', 'NOT_SET')}")
    except Exception as e:
        print(f"Error loading base settings: {e}")
        
except Exception as e:
    print(f"Error loading auth settings: {e}")

print("=== Raw Environment Variables ===")
for key, value in sorted(os.environ.items()):
    if 'JWT' in key or 'SECRET' in key:
        print(f"{key}={value[:30]}..." if len(value) > 30 else f"{key}={value}")
EOF

# Copy the script into the container and run it
docker cp /tmp/check_env.py "$(docker-compose ps -q auth-service):/tmp/check_env.py"
echo "Running Python environment check..."
docker-compose exec -T auth-service python /tmp/check_env.py

echo ""

# Check if there are any startup scripts or entrypoints modifying environment
echo "📋 Step 6: Checking container startup process..."
echo "Container entrypoint:"
docker-compose exec -T auth-service cat /usr/local/bin/docker-entrypoint.sh 2>/dev/null || echo "No entrypoint script found"

echo ""
echo "Docker image environment:"
docker-compose exec -T auth-service printenv | grep JWT || echo "No JWT variables in container environment"

echo ""

# Check application logs for any environment variable issues
echo "📋 Step 7: Checking application logs for environment issues..."
echo "Recent auth-service logs:"
docker-compose logs --tail=20 auth-service | grep -i -E "(jwt|secret|env|config)" || echo "No relevant logs found"

echo ""

# Final diagnosis
echo "📋 Step 8: Diagnosis Summary"
echo "=============================="

if [ "$STARTUP_ENV" = "NOT_SET" ]; then
    echo "❌ ISSUE: JWT_SECRET_KEY is not being passed to the container"
    echo "🔧 SOLUTION: Fix docker-compose.yml environment variables"
elif [ "$STARTUP_ENV" != "NOT_SET" ] && [ "$AFTER_STARTUP" = "NOT_SET" ]; then
    echo "❌ ISSUE: JWT_SECRET_KEY is present at startup but disappears"
    echo "🔧 SOLUTION: Check application configuration loading"
else
    echo "✅ Environment variables appear to be stable"
fi

echo ""
echo "🏁 Diagnostic complete!"

# Cleanup
rm -f /tmp/check_env.py