package constants

// Defines the names of the platform secrets required to get Edge up
// and running. These values correspond to the expected secret name in
// GCP SecretManager, but the values could be used anywhere secrets are stored.
const (
	// DataSynPubSubSAKey is the secret with the SA key for data sync to publish message to public topic
	DataSynPubSubSAKey = "data-sync-connector-key"
	// ChariotGitHubAppID is the App ID that GH generates when setting up the Chariot GitHub App
	ChariotGitHubAppID = "chariot-gh-app-id"
	// ChariotGitHubAppKey is the private key that GH generates when setting up the Chariot GitHub App
	ChariotGitHubAppKey = "chariot-gh-app-private-key"
	// DockerPullCfg is the pull creds for the NCR image repo(s)
	DockerPullCfg = "platform-docker-pull-cfg"
	// EdgeAPIOAauth2ClientID is the name fo the secret containing the IAP OAuth2
	// Client ID used to auth to the Edge API.
	EdgeAPIOAuth2ClientID = "edge-api-iap-oauth2-client-id"
	// HelmRead is the username used for reading from the NCR Helm repo
	HelmRead = "platform-helm-read"
	// LaunchDarklySecretKey is the sdk key for edge launch darkly config
	LaunchDarklySecretKey = "edge-backend-launch-darkly-sdk-key" //nolint
	// EdgeTotpSecretKey is a totp secret key using to validate totp token
	EdgeTotpSecretKey = "edge-backend-totp-secret"
	// DefaultOwnerFilter is the default filter for when an owner is not passed in to secretManagerSecrets api
	DefaultOwnerFilter = "tenant"

	// not platform secret manager secret names
	// TODO(alex): move these to a more appropriate place

	//HelmRepositorySecretType is the constant for secrets that are type helm repository
	HelmRepositorySecretType = "helm-repository"
	//HelmURL is the url field of the helm secret
	HelmURL = "helmUrl"
	//HelmRepoName is name of the helm repo this secret belongs to
	HelmRepoName = "helm_repo_name"
	//HelmPassword is the helm password field
	HelmPassword = "password"
	//HelmUsername is the helm username field
	HelmUsername = "username"
	// BffAuth auth info needed for bsp and jwt token
	BffAuth = "bff-auth"
	//EdgeSecretTypeLabel is the label key for edge secret types
	EdgeSecretTypeLabel = "secret-type-edge-ncr-com"
	//EdgeWorkloadTypeLabel is the label key for edge workload types
	EdgeWorkloadTypeLabel = "workload-edge-ncr-com"
	//PlatformWorkloadType is the label value for edge platform workloads
	PlatformWorkloadType = "platform"
	KubeSystemNamespace  = "kube-system"
)

// PlatformSecretIDs contains the names of secrets assumed to exist in the top-level Foreman GCP Project's
// Secret Manager. The values of these secrets will be replicated from the Foreman Secret Manager to
// all banner/tenant projects upon creation
var PlatformSecretIDs = []string{
	HelmRead,
	LaunchDarklySecretKey,
	EdgeTotpSecretKey,
}

var PlatformHelmRepositories = map[string]bool{
	NCRCharts: true,
}