"""config.py: 12-factor configuration, read from the ENVIRONMENT, never hardcoded.

The rule: code is the same everywhere; what changes between your laptop, staging, and production is
CONFIG, supplied as environment variables. Secrets (the API key) come from the environment too, never
committed to the repo. This makes the same container run anywhere just by changing env vars.
"""

import os


class Settings:
    def __init__(self, env=None):
        env = env if env is not None else os.environ
        self.environment = env.get("ENVIRONMENT", "development")
        self.model = env.get("AGENT_MODEL", "claude-opus-4-8")
        self.max_steps = int(env.get("AGENT_MAX_STEPS", "6"))
        self.timeout_s = float(env.get("AGENT_TIMEOUT_S", "30"))
        self.log_level = env.get("LOG_LEVEL", "INFO").upper()
        self.port = int(env.get("PORT", "8000"))
        self.api_key = env.get("ANTHROPIC_API_KEY")        # a SECRET, from the env, not the code

    def validate(self):
        """Return a list of configuration problems (empty means OK). Fail fast on bad config."""
        problems = []
        if self.max_steps < 1:
            problems.append("AGENT_MAX_STEPS must be >= 1")
        if self.timeout_s <= 0:
            problems.append("AGENT_TIMEOUT_S must be > 0")
        if self.environment == "production" and not self.api_key:
            problems.append("ANTHROPIC_API_KEY is required in production")
        return problems

    def redacted(self):
        """A version safe to log: it never reveals the secret, only whether it is set."""
        return {"environment": self.environment, "model": self.model, "max_steps": self.max_steps,
                "timeout_s": self.timeout_s, "log_level": self.log_level, "port": self.port,
                "api_key_set": bool(self.api_key)}


def load(env=None):
    return Settings(env)