package k8objectsutils

import (
	"encoding/base64"
	"fmt"

	containerAPI "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/container/v1beta1"
	"k8s.io/client-go/rest"
	"k8s.io/client-go/tools/clientcmd/api"
	"sigs.k8s.io/controller-runtime/pkg/client"
)

func CreateClient(cluster containerAPI.ContainerCluster, o client.Options) (client.Client, error) {
	caData, err := DecodeCA(cluster)
	if err != nil {
		return nil, err
	}

	config := &rest.Config{
		Host: fmt.Sprintf("https://%s", *cluster.Status.Endpoint),
		TLSClientConfig: rest.TLSClientConfig{
			CAData: caData,
		},
		AuthProvider: &api.AuthProviderConfig{
			Name: "gke-auth",
		},
	}

	return client.New(config, o)
}

func DecodeCA(cluster containerAPI.ContainerCluster) ([]byte, error) {
	caData, err := base64.StdEncoding.DecodeString(*cluster.Spec.MasterAuth.ClusterCaCertificate)
	if err != nil {
		return nil, err
	}
	return caData, nil
}