#!/bin/bash
# =============================================================================
# Prometheus Alertmanager 自動對接腳本
# =============================================================================
# Phase 5: Shadow Mode - 自動化環境對接
#
# 功能:
# 1. 建立 Alertmanager ConfigMap
# 2. 套用至 K3s 叢集
# 3. 自動重載 Alertmanager
#
# 使用方式:
#   ./scripts/apply_prometheus_config.sh
#
# 前提條件:
# - kubectl 已配置並可連線至 K3s (192.168.0.120)
# - 有權限操作 monitoring namespace
#
# Tier 2 授權: 此腳本會變更 K3s 環境，需統帥授權
# =============================================================================

set -euo pipefail

# -----------------------------------------------------------------------------
# Configuration
# -----------------------------------------------------------------------------
NAMESPACE="monitoring"
CONFIGMAP_NAME="alertmanager-awoooi-webhook"
AWOOOI_WEBHOOK_URL="http://192.168.0.188:8000/api/v1/webhooks/alerts"
KUBECONFIG_PATH="${KUBECONFIG:-./k3s-prod.yaml}"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# -----------------------------------------------------------------------------
# Functions
# -----------------------------------------------------------------------------

log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

check_prerequisites() {
    log_info "檢查前提條件..."

    # Check kubectl
    if ! command -v kubectl &> /dev/null; then
        log_error "kubectl 未安裝"
        exit 1
    fi

    # Check kubeconfig
    if [[ ! -f "$KUBECONFIG_PATH" ]]; then
        log_error "找不到 kubeconfig: $KUBECONFIG_PATH"
        exit 1
    fi

    # Test connection
    if ! kubectl --kubeconfig="$KUBECONFIG_PATH" cluster-info &> /dev/null; then
        log_error "無法連線至 K3s 叢集"
        exit 1
    fi

    log_info "前提條件檢查通過"
}

create_namespace_if_not_exists() {
    log_info "確認 namespace: $NAMESPACE..."

    if ! kubectl --kubeconfig="$KUBECONFIG_PATH" get namespace "$NAMESPACE" &> /dev/null; then
        log_info "建立 namespace: $NAMESPACE"
        kubectl --kubeconfig="$KUBECONFIG_PATH" create namespace "$NAMESPACE"
    else
        log_info "Namespace $NAMESPACE 已存在"
    fi
}

apply_alertmanager_config() {
    log_info "套用 Alertmanager Webhook 設定..."

    # Create ConfigMap YAML
    cat <<EOF | kubectl --kubeconfig="$KUBECONFIG_PATH" apply -f -
apiVersion: v1
kind: ConfigMap
metadata:
  name: ${CONFIGMAP_NAME}
  namespace: ${NAMESPACE}
  labels:
    app: alertmanager
    component: awoooi-webhook
data:
  alertmanager-webhook.yml: |
    # =============================================================================
    # AWOOOI Webhook Receiver Configuration
    # =============================================================================
    # 此設定檔定義 Alertmanager 如何將告警轉發至 AWOOOI OpenClaw
    #
    # 用法: 將此內容合併至主 alertmanager.yml 的 receivers 區段
    # =============================================================================

    receivers:
      - name: 'awoooi-openclaw'
        webhook_configs:
          - url: '${AWOOOI_WEBHOOK_URL}'
            send_resolved: true
            max_alerts: 10
            # 5 秒超時
            http_config:
              follow_redirects: true

    # 路由規則範例 (合併至主設定):
    # route:
    #   receiver: 'awoooi-openclaw'
    #   group_by: ['alertname', 'namespace']
    #   group_wait: 30s
    #   group_interval: 5m
    #   repeat_interval: 4h
    #   routes:
    #     - match:
    #         severity: critical
    #       receiver: 'awoooi-openclaw'
    #       group_wait: 10s
EOF

    log_info "ConfigMap ${CONFIGMAP_NAME} 已套用"
}

reload_alertmanager() {
    log_info "嘗試重載 Alertmanager..."

    # Find Alertmanager pod
    ALERTMANAGER_POD=$(kubectl --kubeconfig="$KUBECONFIG_PATH" get pods -n "$NAMESPACE" \
        -l app=alertmanager -o jsonpath='{.items[0].metadata.name}' 2>/dev/null || echo "")

    if [[ -z "$ALERTMANAGER_POD" ]]; then
        log_warn "找不到 Alertmanager Pod (可能尚未部署)"
        log_info "ConfigMap 已建立，待 Alertmanager 部署後可手動合併設定"
        return 0
    fi

    # Trigger reload via /-/reload endpoint
    log_info "觸發 Alertmanager 設定重載..."
    kubectl --kubeconfig="$KUBECONFIG_PATH" exec -n "$NAMESPACE" "$ALERTMANAGER_POD" -- \
        wget -q -O- --post-data='' http://localhost:9093/-/reload 2>/dev/null || true

    log_info "Alertmanager 重載完成"
}

verify_config() {
    log_info "驗證 ConfigMap..."

    kubectl --kubeconfig="$KUBECONFIG_PATH" get configmap "$CONFIGMAP_NAME" -n "$NAMESPACE" -o yaml

    log_info "驗證完成"
}

# -----------------------------------------------------------------------------
# Main
# -----------------------------------------------------------------------------

main() {
    echo "============================================================"
    echo "  AWOOOI Prometheus Alertmanager 自動對接"
    echo "============================================================"
    echo ""
    echo "目標: 將 Webhook 設定套用至 K3s 叢集"
    echo "Webhook URL: $AWOOOI_WEBHOOK_URL"
    echo "Namespace: $NAMESPACE"
    echo ""

    check_prerequisites
    create_namespace_if_not_exists
    apply_alertmanager_config
    reload_alertmanager
    verify_config

    echo ""
    echo "============================================================"
    echo "  對接完成"
    echo "============================================================"
    echo ""
    log_info "ConfigMap 已建立: $NAMESPACE/$CONFIGMAP_NAME"
    log_info "下一步: 將 receiver 設定合併至 alertmanager.yml"
    log_info "測試: 使用 scripts/fire_live_alert.py 發射測試告警"
}

main "$@"