#!/bin/bash

echo "========================================="
echo "Docker CI环境诊断脚本"
echo "========================================="
echo ""

# 检查容器环境
echo "1. 容器环境检查"
echo "----------------------------------------"
echo "主机名: $(hostname)"
echo "IP地址: $(hostname -i)"
echo "操作系统: $(cat /etc/os-release | grep PRETTY_NAME | cut -d= -f2)"
echo ""

# 检查网络连接
echo "2. 网络连接检查"
echo "----------------------------------------"
echo "测试DNS解析:"
nslookup git.f.novalon.cn 2>&1 | head -5
if [ $? -eq 0 ]; then
    echo "✅ DNS解析正常"
else
    echo "❌ DNS解析失败"
fi

echo ""
echo "测试端口连通性:"
nc -zv git.f.novalon.cn 22 2>&1
if [ $? -eq 0 ]; then
    echo "✅ SSH端口(22)可达"
else
    echo "❌ SSH端口不可达"
    echo "可能的原因:"
    echo "  - Git容器未运行"
    echo "  - 防火墙限制"
    echo "  - 网络配置问题"
fi

echo ""
echo "3. SSH配置检查"
echo "----------------------------------------"
if [ -f ~/.ssh/id_rsa ]; then
    echo "✅ SSH私钥文件存在"
    echo "文件大小: $(wc -c < ~/.ssh/id_rsa) bytes"
    echo "文件权限: $(ls -la ~/.ssh/id_rsa | cut -d' ' -f1)"
    
    # 检查私钥格式
    if grep -q "BEGIN OPENSSH PRIVATE KEY" ~/.ssh/id_rsa; then
        echo "✅ 私钥格式正确 (OpenSSH格式)"
    else
        echo "❌ 私钥格式可能不正确"
    fi
else
    echo "❌ SSH私钥文件不存在"
fi

echo ""
echo "4. Git服务器连接测试"
echo "----------------------------------------"
echo "测试SSH连接到Git服务器..."
ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 -T git@git.f.novalon.cn 2>&1

if [ $? -eq 0 ]; then
    echo "✅ SSH连接测试成功"
else
    echo "❌ SSH连接测试失败"
    echo ""
    echo "建议的修复步骤:"
    echo "1. 检查Woodpecker CI中的ssh_private_key secret配置"
    echo "2. 验证Git服务器的SSH服务状态"
    echo "3. 检查Docker容器网络配置"
    echo "4. 验证SSH密钥是否已添加到Git服务器的authorized_keys"
fi

echo ""
echo "5. Git仓库访问测试"
echo "----------------------------------------"
echo "测试Git远程仓库访问..."
git ls-remote git@git.f.novalon.cn:novalon/novalon-website.git --heads 2>&1 | head -3

if [ $? -eq 0 ]; then
    echo "✅ Git远程访问测试成功"
else
    echo "❌ Git远程访问测试失败"
fi

echo ""
echo "========================================="
echo "诊断完成"
echo "========================================="
echo ""
echo "下一步操作建议:"
echo "1. 如果SSH连接失败，请检查Woodpecker CI的ssh_private_key secret"
echo "2. 验证Git容器的SSH服务是否正常运行"
echo "3. 检查Docker网络配置，确保容器间可以通信"
echo "4. 重新运行CI pipeline验证修复效果"