package k8objectsutils

import (
	"fmt"

	containerApi "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/container/v1beta1"
	kcck8s "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/k8s/v1alpha1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	k8sTypes "k8s.io/apimachinery/pkg/types"

	"edge-infra.dev/pkg/edge/api/graph/mapper"
	gkeClusterApi "edge-infra.dev/pkg/edge/apis/gkecluster/v1alpha1"
	edgeconstants "edge-infra.dev/pkg/edge/constants"
	"edge-infra.dev/pkg/k8s/konfigkonnector/apis/meta"
	"edge-infra.dev/pkg/lib/featureflag"
	gcpsecurity "edge-infra.dev/pkg/lib/ncr/gcp/security"
)

const defaultNodePoolAnno = "cnrm.cloud.google.com/remove-default-node-pool"

func BuildContainerCluster(cluster *gkeClusterApi.GKECluster, key k8sTypes.NamespacedName) *containerApi.ContainerCluster {
	workloadPool := fmt.Sprintf("%s.svc.id.goog", cluster.Spec.ProjectID)
	releaseChannel := &containerApi.ClusterReleaseChannel{Channel: "STABLE"}
	var manConfig *containerApi.ClusterMasterAuthorizedNetworksConfig
	manEnabled, err := featureflag.FeatureEnabled(featureflag.UseMasterAuthorizedNetworks, false)
	if err != nil {
		manEnabled = false
	}
	if manEnabled {
		cidrs := []containerApi.ClusterCidrBlocks{}
		for _, v := range gcpsecurity.ZscalerIPs() {
			blk := containerApi.ClusterCidrBlocks{
				CidrBlock: v,
			}
			cidrs = append(cidrs, blk)
		}
		manConfig = &containerApi.ClusterMasterAuthorizedNetworksConfig{
			CidrBlocks: cidrs,
		}
	}

	return &containerApi.ContainerCluster{
		TypeMeta: metav1.TypeMeta{
			Kind:       containerApi.ContainerClusterGVK.Kind,
			APIVersion: containerApi.SchemeGroupVersion.String(),
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      mapper.ConvertK8sName(key.Name),
			Namespace: key.Namespace,
			Annotations: map[string]string{
				defaultNodePoolAnno:           "true",
				meta.ProjectAnnotation:        mapper.ConvertK8sName(cluster.Spec.ProjectID),
				edgeconstants.Tenant:          mapper.ConvertK8sName(cluster.Spec.ProjectID),
				edgeconstants.Fleet:           string(cluster.Spec.Fleet),
				edgeconstants.Banner:          cluster.Spec.Banner,
				edgeconstants.Organization:    cluster.Spec.Organization,
				meta.DeletionPolicyAnnotation: meta.DeletionPolicyAbandon,
			},
			//add labels on kcc resource that will be added to gke resource
			Labels: map[string]string{
				edgeconstants.GKEFleet:        string(cluster.Spec.Fleet),
				edgeconstants.GKEBanner:       cluster.Spec.Banner,
				edgeconstants.GKEOrganization: cluster.Spec.Organization,
				edgeconstants.GKECluster:      cluster.Spec.Name,
				edgeconstants.GKEClusterUUID:  cluster.ObjectMeta.Name,
			},
		},
		Spec: containerApi.ContainerClusterSpec{
			InitialNodeCount: &cluster.Spec.NumNode,
			WorkloadIdentityConfig: &containerApi.ClusterWorkloadIdentityConfig{
				WorkloadPool: &workloadPool,
			},
			Location: cluster.Spec.Location,
			LoggingConfig: &containerApi.ClusterLoggingConfig{
				EnableComponents: []string{"SYSTEM_COMPONENTS"},
			},
			MasterAuth: &containerApi.ClusterMasterAuth{
				ClientCertificateConfig: &containerApi.ClusterClientCertificateConfig{
					IssueClientCertificate: true,
				},
			},
			MasterAuthorizedNetworksConfig: manConfig,
			ReleaseChannel:                 releaseChannel,
		},
	}
}

func BuildContainerNodePool(projectID, banner, bslOrg, namespace, name, location, machineType string, nodeCount, minNodes, maxNodes int, fleet string, autoscale bool) *containerApi.ContainerNodePool {
	auto := true
	private := true
	podPidsLimit := 0
	autoscaling := &containerApi.NodepoolAutoscaling{
		MaxNodeCount: &maxNodes,
		MinNodeCount: &minNodes,
	}
	if !autoscale {
		autoscaling = nil
	}
	return &containerApi.ContainerNodePool{
		TypeMeta: metav1.TypeMeta{
			Kind:       containerApi.ContainerNodePoolGVK.Kind,
			APIVersion: containerApi.SchemeGroupVersion.String(),
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      mapper.ConvertK8sName(name),
			Namespace: namespace,
			Annotations: map[string]string{
				edgeconstants.Tenant:          mapper.ConvertK8sName(projectID),
				edgeconstants.Fleet:           fleet,
				edgeconstants.Banner:          banner,
				edgeconstants.Organization:    bslOrg,
				meta.ProjectAnnotation:        mapper.ConvertK8sName(projectID),
				meta.DeletionPolicyAnnotation: meta.DeletionPolicyAbandon,
			},
		},
		Spec: containerApi.ContainerNodePoolSpec{
			InitialNodeCount: &nodeCount,
			NodeConfig: &containerApi.NodepoolNodeConfig{
				MachineType: &machineType,
				Metadata: map[string]string{
					"disable-legacy-endpoints": "true",
				},
				OauthScopes: []string{
					"https://www.googleapis.com/auth/monitoring",
					"https://www.googleapis.com/auth/devstorage.read_only",
					"https://www.googleapis.com/auth/cloud-platform",
				},
				KubeletConfig: &containerApi.NodepoolKubeletConfig{
					CpuManagerPolicy: "",
					PodPidsLimit:     &podPidsLimit,
				},
			},
			ClusterRef: kcck8s.ResourceRef{
				Name:      mapper.ConvertK8sName(name),
				Namespace: namespace,
			},
			Location: location,
			Management: &containerApi.NodepoolManagement{
				AutoRepair:  &auto,
				AutoUpgrade: &auto,
			},
			Autoscaling: autoscaling,
			NetworkConfig: &containerApi.NodepoolNetworkConfig{
				EnablePrivateNodes: &private, //private to make node vms private
			},
		},
	}
}

func WithNetworkConfig(cluster *containerApi.ContainerCluster, network, subnetwork, netmask string) *containerApi.ContainerCluster {
	cc := cluster.DeepCopy()
	cc.Spec.NetworkRef = &kcck8s.ResourceRef{
		External: network,
	}
	cc.Spec.SubnetworkRef = &kcck8s.ResourceRef{
		External: subnetwork,
	}
	cc.Spec.IpAllocationPolicy = &containerApi.ClusterIpAllocationPolicy{
		ClusterIpv4CidrBlock:  &netmask,
		ServicesIpv4CidrBlock: &netmask,
	}
	return cc
}