#!/usr/bin/env bash
# =============================================
# Harness Quality Gates — 一键运行所有门禁
# 源自 $closed-loop-testing skill
# =============================================
set -euo pipefail

ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
cd "$ROOT_DIR"

PASS=0
FAIL=0
RESULTS=()

check() {
    local level="$1" name="$2" cmd="$3"
    cd "$ROOT_DIR"
    echo ""
    echo "━━━ [${level}] ${name} ━━━"
    if eval "$cmd" 2>&1; then
        echo "  ✅ ${name} 通过"
        PASS=$((PASS + 1))
        RESULTS+=("✅|${level}|${name}")
    else
        echo "  ❌ ${name} 失败"
        FAIL=$((FAIL + 1))
        RESULTS+=("❌|${level}|${name}")
    fi
}

echo ""
echo "╔══════════════════════════════════════╗"
echo "║   Harness Quality Gates              ║"
echo "║   $(date '+%Y-%m-%d %H:%M')              ║"
echo "╚══════════════════════════════════════╝"

# ── L1: 编译检查 ──
echo ""
echo "╔══ L1 编译检查 ══════════════════════╗"
check "L1" "后端编译" "cd '$ROOT_DIR/openhis-server-new' && mvn compile -pl openhis-application -am -q"

# ── L2: 全链路检查 ──
echo ""
echo "╔══ L2 全链路数据流验证 ══════════════╗"

# L2-1: 文件存在性检查
check "L2" "AGENTS.md 存在" "test -f '$ROOT_DIR/AGENTS.md'"
check "L2" "init.sh 可执行" "test -x '$ROOT_DIR/.harness/init.sh'"
check "L2" "PROGRESS.md 存在" "test -f '$ROOT_DIR/.harness/PROGRESS.md'"
check "L2" "feature_list.json 有效" "python3 -c 'import json; json.load(open(\"$ROOT_DIR/.harness/feature_list.json\"))'"

# L2-2: Mapper XML 结构检查
check "L2" "Mapper XML 行数一致性" "find '$ROOT_DIR/openhis-server-new' -path '*/mapper/*.xml' -exec wc -l {} + 2>/dev/null | tail -1 | awk '{print \$1}' | xargs test 0 -lt"

# ── L3: 约束合规检查 ──
echo ""
echo "╔══ L3 约束合规检查 ══════════════════╗"

# L3-1: 无硬编码密钥
check "L3" "无硬编码密钥" "! grep -r 'password=.*[a-zA-Z0-9]\{8,\}' --include='*.java' --include='*.yml' --include='*.xml' --include='*.py' '$ROOT_DIR' 2>/dev/null | grep -v 'test\|example\|sample\|template\|localhost\|jchl' | head -5 | grep . && false || true"

# ── 汇总 ──
echo ""
echo "╔══════════════════════════════════════╗"
echo "║   质量门禁结果汇总                    ║"
echo "╚══════════════════════════════════════╝"
echo ""
for r in "${RESULTS[@]}"; do
    IFS='|' read -r status level name <<< "$r"
    echo "  $status [$level] $name"
done
echo ""
echo "  总计: $((PASS + FAIL)) | ✅ $PASS 通过 | ❌ $FAIL 失败"
echo ""

if [ "$FAIL" -gt 0 ]; then
    echo "  ⚠️  有 $FAIL 项未通过"
    echo "  提示：新增/修改文件后记得 git add 后再检查"
    exit 1
else
    echo "  🎉 所有门禁通过！"
fi