package edgeinjector

import (
	"context"
	"fmt"

	"k8s.io/apimachinery/pkg/runtime"

	"edge-infra.dev/pkg/edge/datasync/couchdb"
	"edge-infra.dev/pkg/lib/fog"

	corev1 "k8s.io/api/core/v1"

	"sigs.k8s.io/controller-runtime/pkg/client"
)

var (
	allowedRoles = []string{couchdb.ReadOnlyUser, couchdb.CreateViewUser}
)

type CouchUserField string

const (
	Username = CouchUserField("COUCHDB_USER")
	Password = CouchUserField("COUCHDB_PASSWORD")
	URI      = CouchUserField("COUCHDB_URI")
)

type CouchUserWebhook struct {
	client.Client
}

func (c *CouchUserWebhook) Default(ctx context.Context, obj runtime.Object) error {
	log := fog.FromContext(ctx).WithValues("name", "CouchDBUserWebhook")

	pod, ok := obj.(*corev1.Pod)
	if !ok {
		err := fmt.Errorf("expected a Pod but got a %T", obj)
		log.Error(err, "not a pod")
		return err
	}

	log = log.WithValues("pod", client.ObjectKeyFromObject(pod))

	if SecretLabelValue(pod, CouchDBSecret) != "" {
		log.Info("pod couch secret label found")
		return nil
	}

	ctx = fog.IntoContext(ctx, log)
	InjectSecret(ctx, pod, CouchDBSecret, map[string]string{
		string(Username): couchdb.SecretUsername,
		string(Password): couchdb.SecretPassword,
		string(URI):      couchdb.SecretURI,
	})

	log.Info("successfully injected couchdb user secret environment variables")
	return nil
}