#!/bin/bash
# 同步测试环境数据到生产环境
# 用法: ./scripts/sync-test-to-prod.sh

set -euo pipefail

# PostgreSQL 客户端工具路径 (Homebrew libpq)
export PATH="/opt/homebrew/opt/libpq/bin:$PATH"

# SSL 配置
export PGSSLMODE=verify-full
export PGSSLROOTCERT=/etc/ssl/cert.pem

# 测试环境
TEST_DB="postgres://postgres:Voson_2026_Pg18!@db.refining.ltd:5432/secrets-nn-test"

# 生产环境
PROD_DB="postgres://postgres:Voson_2026_Pg18!@db.refining.ltd:5432/secrets-nn-prod"

echo "========================================="
echo "  测试环境 -> 生产环境 数据同步"
echo "========================================="
echo ""

# 确认操作
read -p "⚠️  此操作将覆盖生产环境数据,确认继续? (yes/no): " confirm
if [ "$confirm" != "yes" ]; then
    echo "已取消"
    exit 0
fi

echo ""
echo "步骤 1/4: 导出测试环境数据..."
TEMP_DIR=$(mktemp -d)
trap "rm -rf $TEMP_DIR" EXIT

# 导出测试环境数据(不含审计日志和历史记录)
pg_dump "$TEST_DB" \
    --table=entries \
    --table=secrets \
    --table=entry_secrets \
    --table=users \
    --table=oauth_accounts \
    --data-only \
    --column-inserts \
    --no-owner \
    --no-privileges \
    > "$TEMP_DIR/test_data.sql"

echo "✓ 测试数据已导出到临时文件"
echo "  文件大小: $(du -h "$TEMP_DIR/test_data.sql" | cut -f1)"

echo ""
echo "步骤 2/4: 备份当前生产数据..."
pg_dump "$PROD_DB" \
    --table=entries \
    --table=secrets \
    --table=entry_secrets \
    --table=users \
    --table=oauth_accounts \
    --data-only \
    --column-inserts \
    --no-owner \
    --no-privileges \
    > "$TEMP_DIR/prod_backup_$(date +%Y%m%d_%H%M%S).sql"

echo "✓ 生产数据已备份"

echo ""
echo "步骤 3/4: 清空生产环境目标表..."
psql "$PROD_DB" <<'SQL'
TRUNCATE TABLE entry_secrets CASCADE;
TRUNCATE TABLE secrets CASCADE;
TRUNCATE TABLE entries CASCADE;
SQL

echo "✓ 生产环境目标表已清空"

echo ""
echo "步骤 4/4: 导入测试数据到生产环境..."
psql "$PROD_DB" -f "$TEMP_DIR/test_data.sql" 2>&1 | tail -20

echo ""
echo "验证数据..."
echo "生产环境数据统计:"
psql "$PROD_DB" -c "SELECT 'users' as table_name, count(*) FROM users UNION ALL SELECT 'entries', count(*) FROM entries UNION ALL SELECT 'secrets', count(*) FROM secrets UNION ALL SELECT 'entry_secrets', count(*) FROM entry_secrets UNION ALL SELECT 'oauth_accounts', count(*) FROM oauth_accounts ORDER BY table_name;"

echo ""
echo "========================================="
echo "  ✓ 数据同步完成!"
echo "========================================="
echo ""
echo "提示:"
echo "  - 生产数据备份已保存在临时目录"
echo "  - 临时文件将在脚本退出后自动删除"