#!/usr/bin/env bash # payment-e2e-preflight.sh — pre-flight check for the W6 Day 27 # real-money payment E2E test. # # Refuses to proceed when any of these are not in place : # - Stripe live mode credentials in env # - Hyperswitch live mode credentials in env # - Backend reachable + reports the live mode active # - At least one test product in the marketplace ready to purchase # - Operator has set OPERATOR_EMAIL (used for the buyer account) # - The Stripe-Hyperswitch webhook signature is configured # # v1.0.9 W6 Day 27. # # Usage : # STAGING_URL=https://staging.veza.fr \ # OPERATOR_EMAIL=ops-test@veza.music \ # bash scripts/payment-e2e-preflight.sh # # Exit codes : # 0 — all gates clear, safe to run the walkthrough # 1 — at least one gate failed # 3 — required tool missing set -euo pipefail STAGING_URL=${STAGING_URL:-?} OPERATOR_EMAIL=${OPERATOR_EMAIL:-?} log() { printf '[%s] %s\n' "$(date +%H:%M:%S)" "$*" >&2; } warn() { log "WARN: $*"; } fail() { log "FAIL: $*"; exit "${2:-1}"; } require() { command -v "$1" >/dev/null 2>&1 || fail "required tool missing: $1" 3 } require curl require jq [ "$STAGING_URL" = "?" ] && fail "STAGING_URL env var required (e.g. https://staging.veza.fr)" 1 [ "$OPERATOR_EMAIL" = "?" ] && fail "OPERATOR_EMAIL env var required (the buyer's real email)" 1 errors=0 # 1. Backend reachable + health green. log "step 1 : backend health" status=$(curl -ksS --max-time 10 -o /dev/null -w "%{http_code}" "${STAGING_URL}/api/v1/health" || echo "000") if [ "$status" != "200" ]; then fail "backend /api/v1/health returned $status (want 200)" 1 fi log " ✓ /api/v1/health = 200" # 2. Live mode active. /api/v1/status carries the env in the response. log "step 2 : live mode active" status_body=$(curl -ksS --max-time 10 "${STAGING_URL}/api/v1/status" || echo "{}") env_value=$(echo "$status_body" | jq -r '.data.environment // .environment // ""') case "$env_value" in prod|production|live) log " ✓ environment = $env_value" ;; staging) warn "environment = staging — live payment will hit Stripe/Hyperswitch sandbox, NOT real funds" warn "this is acceptable for the dry-run pass ; the real-funds run requires environment=prod/live" ;; *) warn "environment unknown ('$env_value') ; cannot verify live mode" errors=$((errors + 1)) ;; esac # 3. Hyperswitch enabled flag. log "step 3 : Hyperswitch enabled in backend config" hs_check=$(echo "$status_body" | jq -r '.data.services.hyperswitch.status // .services.hyperswitch.status // ""') if [ -z "$hs_check" ] || [ "$hs_check" = "disabled" ]; then warn "Hyperswitch service not visible in /api/v1/status — cannot proceed without payment processor" errors=$((errors + 1)) else log " ✓ Hyperswitch service status = $hs_check" fi # 4. At least one marketplace product available. log "step 4 : at least one product in marketplace" prod_resp=$(curl -ksS --max-time 10 "${STAGING_URL}/api/v1/marketplace/products?limit=5" || echo "{}") prod_count=$(echo "$prod_resp" | jq -r '(.data.products // .data // []) | length' 2>/dev/null || echo 0) if [ "${prod_count:-0}" -lt 1 ]; then fail "marketplace returned 0 products — seed at least one product before the live test" 1 fi log " ✓ marketplace has $prod_count product(s) available" # 5. Operator email format check. log "step 5 : operator email shape" if ! echo "$OPERATOR_EMAIL" | grep -qE '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$'; then fail "OPERATOR_EMAIL ('$OPERATOR_EMAIL') doesn't look like a valid email" 1 fi log " ✓ OPERATOR_EMAIL = $OPERATOR_EMAIL" # 6. Reminder : the operator's personal card will be charged. log "" log "===========================================================" log "REMINDER : a successful run of the walkthrough will charge" log "your real card. Total cost : ~5 EUR for a test product." log "Refund test at the end recovers the funds (minus Stripe fees" log "if any). DO NOT run on a corporate card without prior approval." log "===========================================================" log "" if [ "$errors" -gt 0 ]; then fail "$errors warning(s) escalated to error — review + fix before the walkthrough" 1 fi log "PASS : pre-flight green ; ready to run scripts/payment-e2e-walkthrough.sh" exit 0