#!/usr/bin/env bash
# Run all validation checks that do not require LAN/SSH/credentials.
# Use for CI or pre-deploy: dependencies, config files, optional genesis.
# Usage: bash scripts/verify/run-all-validation.sh [--skip-genesis]
#   --skip-genesis: do not run validate-genesis.sh (default: run if smom-dbis-138 present).
# Optional: EI_MATRIX_ONCHAIN_AUDIT_CI=1 runs scripts/lib/ei_matrix_onchain_readiness_audit.py (needs
#   ETHEREUM_MAINNET_RPC + RPC_URL_138 in .env). EI_MATRIX_ONCHAIN_AUDIT_CI_LIMIT default 120; 0 = full grid.
#   Strict gate: set EI_MATRIX_AUDIT_MIN_MAINNET_RAW_CI / EI_MATRIX_AUDIT_MIN_138_RAW_CI.
# Steps: dependencies, config files, cW* mesh matrix (if pair-discovery JSON exists), optional advisory non-EVM public health, genesis.

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
cd "$PROJECT_ROOT"

# shellcheck source=./scripts/lib/run-summary.sh
source "$PROJECT_ROOT/scripts/lib/run-summary.sh"

RUN_STARTED_AT="$(date -u +"%Y-%m-%dT%H:%M:%SZ")"
SECONDS=0

SKIP_GENESIS=false
JSON_OUT=""
while [[ $# -gt 0 ]]; do
  case "$1" in
    --skip-genesis)
      SKIP_GENESIS=true
      shift
      ;;
    --json-out)
      [[ $# -ge 2 ]] || { echo "Missing value for --json-out" >&2; exit 1; }
      JSON_OUT="$2"
      shift 2
      ;;
    -h|--help)
      sed -n '1,6p' "$0"
      echo "  --json-out PATH   Write a machine-readable run summary JSON."
      exit 0
      ;;
    *)
      echo "Unknown argument: $1" >&2
      exit 1
      ;;
  esac
done

RUN_STATUS="failed"
run_summary_init "run-all-validation.sh" "$RUN_STARTED_AT" "$JSON_OUT"
trap 'run_summary_write "$RUN_STATUS" "$SECONDS" "run"; run_summary_cleanup' EXIT

log_ok() { echo -e "\033[0;32m[✓]\033[0m $1"; }
log_err() { echo -e "\033[0;31m[✗]\033[0m $1"; exit 1; }
format_duration() { printf '%02dm:%02ds' "$(($1 / 60))" "$(($1 % 60))"; }
step_done() { echo "   Completed in $(format_duration "$((SECONDS - $1))")"; }

echo "=== Run all validation (no LAN/SSH) ==="
echo "Started (UTC): $RUN_STARTED_AT"
echo ""

echo "1. Dependencies..."
STEP_STARTED=$SECONDS
bash "$SCRIPT_DIR/check-dependencies.sh" || log_err "check-dependencies failed"
log_ok "Dependencies OK"
run_summary_record_step "1" "Dependencies" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "1b. pnpm workspace vs lockfile..."
STEP_STARTED=$SECONDS
if [[ -f "$PROJECT_ROOT/pnpm-workspace.yaml" ]]; then
  bash "$SCRIPT_DIR/check-pnpm-workspace-lockfile.sh" || log_err "pnpm lockfile / workspace drift"
  log_ok "pnpm lockfile aligned with workspace"
else
  echo "   (no pnpm-workspace.yaml at root — skip)"
fi
run_summary_record_step "1b" "pnpm workspace vs lockfile" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "1c. Gitea workflow source sync..."
STEP_STARTED=$SECONDS
bash "$SCRIPT_DIR/check-gitea-workflows.sh" || log_err "Gitea workflow source drift"
log_ok "Gitea workflows match source-of-truth files"
run_summary_record_step "1c" "Gitea workflow source sync" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "1d. main/master workflow parity..."
STEP_STARTED=$SECONDS
bash "$SCRIPT_DIR/check-gitea-branch-workflow-parity.sh" || log_err "main/master workflow parity drift"
log_ok "main/master workflow parity OK"
run_summary_record_step "1d" "main/master workflow parity" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "2. Config files..."
STEP_STARTED=$SECONDS
bash "$SCRIPT_DIR/../validation/validate-config-files.sh" || log_err "validate-config-files failed"
log_ok "Config validation OK"
run_summary_record_step "2" "Config files" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3. cW* mesh matrix (deployment-status + Uni V2 pair-discovery)..."
STEP_STARTED=$SECONDS
DISCOVERY_JSON="$PROJECT_ROOT/reports/extraction/promod-uniswap-v2-live-pair-discovery-latest.json"
if [[ -f "$DISCOVERY_JSON" ]]; then
  MATRIX_JSON="$PROJECT_ROOT/reports/status/cw-mesh-deployment-matrix-latest.json"
  bash "$SCRIPT_DIR/build-cw-mesh-deployment-matrix.sh" --no-markdown --json-out "$MATRIX_JSON" || log_err "cw mesh matrix merge failed"
  log_ok "cW mesh matrix OK (also wrote $MATRIX_JSON)"
else
  echo "   ($DISCOVERY_JSON missing — run: bash scripts/verify/build-promod-uniswap-v2-live-pair-discovery.sh)"
fi
run_summary_record_step "3" "cW mesh matrix" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3b. deployment-status graph (cross-chain-pmm-lps)..."
STEP_STARTED=$SECONDS
PMM_VALIDATE="$PROJECT_ROOT/cross-chain-pmm-lps/scripts/validate-deployment-status.cjs"
if [[ -f "$PMM_VALIDATE" ]] && command -v node &>/dev/null; then
  node "$PMM_VALIDATE" || log_err "validate-deployment-status.cjs failed"
  log_ok "deployment-status.json rules OK"
else
  echo "   (skip: node or $PMM_VALIDATE missing)"
fi
run_summary_record_step "3b" "deployment-status graph" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3b2. capital efficiency risk simulator (cross-chain-pmm-lps)..."
STEP_STARTED=$SECONDS
CAPITAL_VALIDATE="$PROJECT_ROOT/cross-chain-pmm-lps/scripts/validate-capital-efficiency.cjs"
if [[ -f "$CAPITAL_VALIDATE" ]] && command -v node &>/dev/null; then
  node "$CAPITAL_VALIDATE" || log_err "validate-capital-efficiency.cjs failed"
  log_ok "capital efficiency simulator rules OK"
else
  echo "   (skip: node or $CAPITAL_VALIDATE missing)"
fi
run_summary_record_step "3b2" "capital efficiency risk simulator" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3c. External dependency blockers..."
STEP_STARTED=$SECONDS
EXT_CHECK="$SCRIPT_DIR/check-external-dependencies.sh"
if [[ -x "$EXT_CHECK" ]]; then
  bash "$EXT_CHECK" --advisory || true
else
  echo "   (skip: $EXT_CHECK missing)"
fi
run_summary_record_step "3c" "External dependency blockers" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3d. Non-EVM public network health (advisory)..."
STEP_STARTED=$SECONDS
NON_EVM_CHECK="$SCRIPT_DIR/check-non-evm-network-health.sh"
NON_EVM_REPORT="$SCRIPT_DIR/build-non-evm-lane-status.py"
if [[ -x "$NON_EVM_CHECK" ]]; then
  bash "$NON_EVM_CHECK" --json-out "$PROJECT_ROOT/reports/status/non-evm-network-health-latest.json" || true
  if [[ -x "$NON_EVM_REPORT" ]]; then
    python3 "$NON_EVM_REPORT" || log_err "build-non-evm-lane-status.py failed"
    log_ok "non-EVM lane status refreshed"
  else
    echo "   (skip report: $NON_EVM_REPORT missing)"
  fi
else
  echo "   (skip: $NON_EVM_CHECK missing)"
fi
run_summary_record_step "3d" "Non-EVM public network health" "success" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3d1. d-bis.org CWUSDC Etherscan profile prereq URLs (advisory)..."
STEP_STARTED=$SECONDS
CWU_URLS="$SCRIPT_DIR/check-cwusdc-etherscan-prereq-urls.sh"
CWU_STATUS="skipped"
if [[ -x "$CWU_URLS" ]] && command -v curl &>/dev/null; then
  if bash "$CWU_URLS"; then
    log_ok "d-bis.org token-profile URLs OK (CWUSDC E2E prereq)"
    CWU_STATUS="success"
  else
    echo "   (advisory: one or more URLs not HTTP 200 — fix site or network; see CWUSDC_ETHERSCAN_E2E_RECOMMENDATIONS.md)"
    CWU_STATUS="advisory_fail"
  fi
else
  echo "   (skip: curl or $CWU_URLS missing)"
fi
run_summary_record_step "3d1" "CWUSDC d-bis URL prereqs" "$CWU_STATUS" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

echo "3e. EI matrix on-chain readiness audit (optional)..."
STEP_STARTED=$SECONDS
EIM_STEP_STATUS="skipped"
if [[ "${EI_MATRIX_ONCHAIN_AUDIT_CI:-}" == "1" ]]; then
  # shellcheck disable=SC1091
  source "$PROJECT_ROOT/scripts/lib/load-project-env.sh"
  if [[ -z "${ETHEREUM_MAINNET_RPC:-}" || -z "${RPC_URL_138:-}" ]]; then
    echo "   (skip: ETHEREUM_MAINNET_RPC or RPC_URL_138 unset — set RPCs in .env for CI gate)"
  else
    CI_LIMIT="${EI_MATRIX_ONCHAIN_AUDIT_CI_LIMIT:-120}"
    CI_SHARD="${EI_MATRIX_ONCHAIN_AUDIT_CI_SHARD:-200}"
    CI_WORKERS="${EI_MATRIX_ONCHAIN_AUDIT_CI_WORKERS:-2}"
    MIN_M="${EI_MATRIX_AUDIT_MIN_MAINNET_RAW_CI:-0}"
    MIN_138="${EI_MATRIX_AUDIT_MIN_138_RAW_CI:-0}"
    JSON_CI="${EI_MATRIX_ONCHAIN_AUDIT_JSON_CI:-reports/status/ei-matrix-readiness-audit-ci.json}"
    AUDIT_PY="$PROJECT_ROOT/scripts/lib/ei_matrix_onchain_readiness_audit.py"
    EXTRA=(--shard-size "$CI_SHARD" --workers "$CI_WORKERS" --both --min-mainnet-raw "$MIN_M" --min-138-raw "$MIN_138" --json-out "$JSON_CI")
    if [[ "$CI_LIMIT" != "0" ]]; then
      EXTRA+=(--limit "$CI_LIMIT")
    fi
    python3 "$AUDIT_PY" "${EXTRA[@]}" || log_err "EI matrix on-chain audit failed (thresholds or RPC)"
    log_ok "EI matrix on-chain audit OK ($JSON_CI)"
    EIM_STEP_STATUS="success"
  fi
else
  echo "   (skip: set EI_MATRIX_ONCHAIN_AUDIT_CI=1 to run; optional EI_MATRIX_ONCHAIN_AUDIT_CI_LIMIT=0 for full grid)"
fi
run_summary_record_step "3e" "EI matrix on-chain audit" "$EIM_STEP_STATUS" "$((SECONDS - STEP_STARTED))"
step_done "$STEP_STARTED"
echo ""

if [[ "$SKIP_GENESIS" == true ]]; then
  echo "4. Genesis — skipped (--skip-genesis)"
  run_summary_record_step "4" "Genesis (smom-dbis-138)" "skipped" "0"
else
  echo "4. Genesis (smom-dbis-138)..."
  STEP_STARTED=$SECONDS
  GENESIS_SCRIPT="$PROJECT_ROOT/smom-dbis-138/scripts/validation/validate-genesis.sh"
  if [[ -x "$GENESIS_SCRIPT" ]]; then
    bash "$GENESIS_SCRIPT" || log_err "validate-genesis failed"
    log_ok "Genesis OK"
  else
    echo "   (smom-dbis-138/scripts/validation/validate-genesis.sh not found, skipping)"
  fi
  run_summary_record_step "4" "Genesis (smom-dbis-138)" "success" "$((SECONDS - STEP_STARTED))"
  step_done "$STEP_STARTED"
fi
echo ""

log_ok "All validation passed."
echo "Total elapsed: $(format_duration "$SECONDS")"
RUN_STATUS="success"
exit 0