#!/usr/bin/env bash
set -euo pipefail

VOLUME_NAME="${PROD_DB_VOLUME_NAME:-skymoney_pgdata}"
ALLOW_EMPTY="${ALLOW_EMPTY_PROD_VOLUME:-0}"
DOCKER_CMD="${DOCKER_CMD:-docker}"
PROBE_TIMEOUT_SEC="${PROD_VOLUME_GUARD_TIMEOUT_SEC:-20}"

if ! $DOCKER_CMD volume inspect "$VOLUME_NAME" >/dev/null 2>&1; then
  if [[ "$ALLOW_EMPTY" == "1" ]]; then
    echo "WARN: volume '$VOLUME_NAME' is missing, but ALLOW_EMPTY_PROD_VOLUME=1; continuing."
    exit 0
  fi
  echo "ERROR: required volume '$VOLUME_NAME' does not exist."
  echo "Refusing deploy because this can indicate destructive data loss (e.g., volume deletion)."
  echo "If this is an intentional first-time init, set ALLOW_EMPTY_PROD_VOLUME=1 for one run."
  exit 1
fi

if timeout "${PROBE_TIMEOUT_SEC}"s $DOCKER_CMD run --rm -v "${VOLUME_NAME}:/var/lib/postgresql/data" alpine sh -lc "test -f /var/lib/postgresql/data/PG_VERSION"; then
  echo "Production volume guard passed: '$VOLUME_NAME' contains PostgreSQL data."
  exit 0
fi

if [[ "$ALLOW_EMPTY" == "1" ]]; then
  echo "WARN: volume '$VOLUME_NAME' is empty/uninitialized, but ALLOW_EMPTY_PROD_VOLUME=1; continuing."
  exit 0
fi

echo "ERROR: volume '$VOLUME_NAME' exists but appears empty/uninitialized (missing PG_VERSION)."
echo "Refusing deploy to prevent silent database re-initialization."
echo "If this is an intentional rebuild, set ALLOW_EMPTY_PROD_VOLUME=1 for one run."
exit 1