#!/bin/sh
# Test de connectivité sdk_signer: port interne et route WSS du reverse proxy
set -eu

HOST="${HOST:-localhost}"
LOG_DIR="$(cd "$(dirname "$0")"/.. && pwd)/logs"
TS="$(date +%Y-%m-%d_%H-%M-%S)"
LOG_FILE="$LOG_DIR/signer_proxy_${TS}.log"
mkdir -p "$LOG_DIR"

log() { printf "%s %s\n" "[$(date +%H:%M:%S)]" "$*" | tee -a "$LOG_FILE"; }

log "Vérification du port interne 9090 (tcp)"
if sudo docker run --rm --network 4nk_node_btcnet alpine:3.19 sh -lc "apk add --no-cache netcat-openbsd >/dev/null; nc -z sdk_signer 9090"; then
  log "OK: sdk_signer écoute en 9090"
else
  log "ECHEC: sdk_signer n'écoute pas en 9090"; exit 1
fi

log "Test Upgrade HTTP->WS via le reverse proxy (/signer/ws)"
code=$(curl -skI --http1.1 -H "Connection: Upgrade" -H "Upgrade: websocket" https://$HOST/signer/ws/ | awk 'NR==1{print $2}') || true
log "Statut proxy: ${code:-inconnu} (attendu: 101/400/426; éviter 502)"
if [ "${code:-}" = "502" ] || [ -z "${code:-}" ]; then
  log "ECHEC: reverse proxy retourne 502"; exit 1
fi

log "Succès: connectivité sdk_signer OK"
exit 0