package k8objectsutils

import (
	"time"

	goext "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"

	"edge-infra.dev/pkg/edge/constants"
)

func BuildExternalSecret(projectID, smSecretName, namespace, secretName, secretKey string) *goext.ExternalSecret {
	es := buildExternalSecretNoData(projectID, namespace, secretName)
	es.Spec.Data = []goext.ExternalSecretData{
		{
			SecretKey: secretKey,
			RemoteRef: goext.ExternalSecretDataRemoteRef{
				Key: smSecretName,
			},
		},
	}
	return es
}

func BuildExternalSecretWithMultiKeys(projectID, smSecretName, namespace, secretName string, keyMapping map[string]string) *goext.ExternalSecret {
	es := buildExternalSecretNoData(projectID, namespace, secretName)
	numKeys := len(keyMapping)
	data := make([]goext.ExternalSecretData, numKeys)
	i := 0
	for remoteKey, secretKey := range keyMapping {
		data[i] = goext.ExternalSecretData{
			SecretKey: secretKey,
			RemoteRef: goext.ExternalSecretDataRemoteRef{
				Key:      smSecretName,
				Property: remoteKey,
			},
		}
		i++
	}
	es.Spec.Data = data
	return es
}

func buildExternalSecretNoData(projectID, namespace, secretName string) *goext.ExternalSecret {
	return &goext.ExternalSecret{
		TypeMeta: metav1.TypeMeta{
			APIVersion: goext.SchemeGroupVersion.String(),
			Kind:       goext.ExtSecretKind,
		},
		ObjectMeta: metav1.ObjectMeta{
			Name:      secretName,
			Namespace: namespace,
			Labels: map[string]string{
				constants.Tenant: projectID,
			},
		},
		Spec: goext.ExternalSecretSpec{
			SecretStoreRef: goext.SecretStoreRef{
				Name: "gcp-provider",
				Kind: "ClusterSecretStore",
			},
			Target: goext.ExternalSecretTarget{
				Name:           secretName,
				CreationPolicy: goext.CreatePolicyOwner,
			},
			RefreshInterval: &metav1.Duration{
				Duration: time.Minute,
			},
		},
	}
}