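package validate

import (
	"fmt"

	v1 "github.com/google/go-containerregistry/pkg/v1"
	"github.com/google/go-containerregistry/pkg/v1/validate"

	"edge-infra.dev/pkg/f8n/warehouse/oci"
	"edge-infra.dev/pkg/f8n/warehouse/oci/layer"
)

// skipLayerValidation is passed to the ggcr validators so they do not
// validate layers; Warehouse performs its own validation on the K8s manifest
// layers.
//
// validate.Fast makes ggcr skip reading and digesting layer bytes.
// NOTE(review): whValidateLayer in this file only checks layer annotations,
// so layer content/digest integrity is presumably verified elsewhere (for
// example when the artifact is pulled) -- confirm before treating a nil
// error from Warehouse as proof that layer bytes match their digests.
var skipLayerValidation = validate.Fast

// Warehouse validates that a generic Warehouse artifact meets the OCI and
// Warehouse specifications. It delegates to Validate with the
// Warehouse-specific index, image and layer validators and wraps any failure
// so callers can still inspect the underlying cause with errors.Is/As.
func Warehouse(a oci.Artifact) error {
	fns := &Fns{
		Index: whValidateIndex,
		Image: whValidateImage,
		Layer: whValidateLayer,
	}
	if err := Validate(a, fns); err != nil {
		return fmt.Errorf("invalid Warehouse artifact: %w", err)
	}
	return nil
}

// whValidateIndex checks an image index against the OCI image index rules
// (via ggcr, without layer validation) and the Warehouse annotation rules.
// The second argument is unused.
func whValidateIndex(idx oci.Artifact, _ map[string]string) error {
	// A validator must not panic on unexpected input: report a type mismatch
	// as a validation error instead of using an unchecked assertion.
	i, ok := idx.(v1.ImageIndex)
	if !ok {
		return fmt.Errorf("expected v1.ImageIndex, got %T", idx)
	}

	// assert the index does not violate the v1.ImageIndex OCI specification
	if err := validate.Index(i, skipLayerValidation); err != nil {
		return err
	}

	annotations, err := oci.Annotations(idx)
	if err != nil {
		return err
	}

	// check top-level annotations are as expected for Warehouse artifact
	if err := Annotations(annotations, whAnnotationValidators, nil); err != nil {
		return err
	}

	idxManifest, err := i.IndexManifest()
	if err != nil {
		return err
	}

	// check each descriptor has expected annotations for Warehouse manifest
	for n, manifest := range idxManifest.Manifests {
		if err := Annotations(manifest.Annotations, whManifestAnnotationValidators, nil); err != nil {
			return fmt.Errorf("manifest %d is invalid: %w", n, err)
		}
	}

	return nil
}

// whValidateImage checks an image against the OCI image rules (via ggcr,
// without layer validation) and the Warehouse top-level annotation rules.
// The second argument is unused.
func whValidateImage(img oci.Artifact, _ map[string]string) error {
	// Checked assertion: a type mismatch becomes an error, not a panic.
	i, ok := img.(v1.Image)
	if !ok {
		return fmt.Errorf("expected v1.Image, got %T", img)
	}

	// assert the image does not violate the v1.Image OCI specification
	if err := validate.Image(i, skipLayerValidation); err != nil {
		return err
	}

	annotations, err := oci.Annotations(img)
	if err != nil {
		return err
	}

	// check top-level annotations are as expected
	return Annotations(annotations, whAnnotationValidators, nil)
}

// whValidateLayer checks that a layer's annotations are as expected for a
// Warehouse layer. Only annotations are inspected here; the layer contents
// are not read. The second argument is unused.
func whValidateLayer(l layer.Layer, _ map[string]string) error {
	return Annotations(l.Annotations(), whLayerAnnotationValidators, nil)
}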