import fs from 'fs/promises';
import path from 'path';
import chalk from 'chalk';
import axios from 'axios';

export interface SovereigntyReport {
    isAuthentic: boolean;
    isSynced: boolean;
    hasSecrets: boolean;
    isRepo: boolean;
    missingKeys: string[];
}

/**
 * Validates the project environment for "Sovereign-readiness".
 */
export async function verifySovereignty(apiUrl: string, apiKey: string, projectId: string): Promise<SovereigntyReport> {
    const report: SovereigntyReport = {
        isAuthentic: !!apiKey,
        isSynced: false,
        hasSecrets: false,
        isRepo: false,
        missingKeys: []
    };

    // 1. Check if it's a git repo
    try {
        await fs.access(path.join(process.cwd(), '.git'));
        report.isRepo = true;
    } catch {
        report.isRepo = false;
    }

    // 2. Check .env.local for required keys
    try {
        const envPath = path.join(process.cwd(), '.env.local');
        const content = await fs.readFile(envPath, 'utf-8');

        const requiredKeys = [
            'NEXT_PUBLIC_SUPABASE_URL',
            'NEXT_PUBLIC_SUPABASE_ANON_KEY',
            'SUPABASE_SERVICE_ROLE_KEY'
        ];

        for (const key of requiredKeys) {
            if (!content.includes(key)) {
                report.missingKeys.push(key);
            }
        }

        report.hasSecrets = report.missingKeys.length === 0;
    } catch {
        report.hasSecrets = false;
        report.missingKeys.push('.env.local is missing');
    }

    // 3. Check connectivity and sync status
    try {
        const response = await axios.get(`${apiUrl}/api/v1/projects/${projectId}/health`, {
            headers: { Authorization: `Bearer ${apiKey}` }
        });
        report.isSynced = response.data.success && response.data.data?.is_synced;
    } catch {
        report.isSynced = false;
    }

    return report;
}

/**
 * Displays the pre-flight check list.
 */
export function displayPreFlightReport(report: SovereigntyReport) {
    console.log(chalk.bold('\n🛡️  Sovereign Pre-flight Check\n'));

    const printItem = (label: string, success: boolean, hint?: string) => {
        const icon = success ? chalk.green('✔') : chalk.red('✘');
        console.log(`${icon} ${label}`);
        if (!success && hint) {
            console.log(chalk.dim(`  └─ ${hint}`));
        }
    };

    printItem('Identity (Auth)', report.isAuthentic, 'Run "rigstate login"');
    printItem('Environment Secrets', report.hasSecrets, report.missingKeys.join(', '));
    printItem('Git Repository', report.isRepo, 'Run "git init"');
    printItem('Nexus Synchronization', report.isSynced, 'Run "rigstate sync"');

    console.log('');
}