#!/bin/bash

echo "========================================="
echo "Woodpecker CI密钥配置脚本"
echo "========================================="
echo ""
echo "此脚本将帮助您配置Woodpecker CI所需的密钥"
echo ""

# 检查是否在服务器上
if [ "$HOSTNAME" != "novalon-server" ]; then
    echo "⚠️  请在服务器上运行此脚本"
    echo "   ssh root@139.155.109.62"
    echo "   然后运行: bash /home/novalon/scripts/setup-woodpecker-secrets.sh"
    exit 1
fi

# Woodpecker CI CLI命令
WOODPECKER_CLI="woodpecker-cli"

# 检查woodpecker-cli是否安装
if ! command -v $WOODPECKER_CLI &> /dev/null; then
    echo "❌ woodpecker-cli未安装"
    echo "   请先安装: https://woodpecker-ci.org/docs/cli"
    exit 1
fi

echo "步骤1: 配置SSH私钥"
echo "----------------------------------------"
echo "请确保您已经生成了SSH密钥对"
echo "公钥已添加到服务器的authorized_keys中"
echo ""

# 读取SSH私钥
if [ -f ~/.ssh/id_rsa ]; then
    echo "✅ 找到SSH私钥: ~/.ssh/id_rsa"
    SSH_KEY=$(cat ~/.ssh/id_rsa)
else
    echo "❌ 未找到SSH私钥"
    echo "   请先生成SSH密钥对: ssh-keygen -t rsa -b 4096"
    exit 1
fi

echo ""
echo "步骤2: 配置企业微信通知"
echo "----------------------------------------"
echo "已配置企业微信Webhook URL:"
echo "https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=bb7efcdc-c32f-47b7-a437-d76cab9fba74"
echo ""
WEBHOOK_URL="https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=bb7efcdc-c32f-47b7-a437-d76cab9fba74"
echo "✅ 企业微信通知已配置"
echo ""
echo "步骤3: 配置Docker Registry密码"
echo "----------------------------------------"
echo "请输入Docker Registry密码:"
echo "用于推送到 registry.f.novalon.cn"
read -s -p "密码: " REGISTRY_PASSWORD
echo ""

echo ""
echo "步骤4: 设置Woodpecker CI密钥"
echo "----------------------------------------"

# 设置SSH私钥
echo "设置SSH_PRIVATE_KEY..."
echo "$SSH_KEY" | $WOODPECKER_CLI secret add \
    --repository novalon/novalon-website \
    --name ssh_private_key \
    --value @-

if [ $? -eq 0 ]; then
    echo "✅ SSH_PRIVATE_KEY设置成功"
else
    echo "❌ SSH_PRIVATE_KEY设置失败"
    exit 1
fi

# 设置Registry密码
echo "设置REGISTRY_PASSWORD..."
echo "$REGISTRY_PASSWORD" | $WOODPECKER_CLI secret add \
    --repository novalon/novalon-website \
    --name registry_password \
    --value @-

if [ $? -eq 0 ]; then
    echo "✅ REGISTRY_PASSWORD设置成功"
else
    echo "❌ REGISTRY_PASSWORD设置失败"
    exit 1
fi

# 设置Webhook URL
if [ -n "$WEBHOOK_URL" ]; then
    echo "设置WEBHOOK_URL..."
    echo "$WEBHOOK_URL" | $WOODPECKER_CLI secret add \
        --repository novalon/novalon-website \
        --name webhook_url \
        --value @-
    
    if [ $? -eq 0 ]; then
        echo "✅ WEBHOOK_URL设置成功"
    else
        echo "❌ WEBHOOK_URL设置失败"
        exit 1
    fi
fi

echo ""
echo "========================================="
echo "✅ 密钥配置完成!"
echo "========================================="
echo ""
echo "已配置的密钥:"
echo "  - SSH_PRIVATE_KEY ✅"
echo "  - REGISTRY_PASSWORD ✅"
if [ -n "$WEBHOOK_URL" ]; then
    echo "  - WEBHOOK_URL ✅"
fi
echo ""
echo "下一步:"
echo "  1. 提交.woodpecker.yml到代码仓库"
echo "  2. 在Woodpecker CI中激活仓库"
echo "  3. 推送代码触发CI/CD流水线"
echo ""
echo "========================================="