package konfigkonnector

import (
	"context"
	_ "embed" //nolint let a human embed
	"fmt"

	corev1 "k8s.io/api/core/v1"
	"k8s.io/apimachinery/pkg/api/errors"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
	"k8s.io/apimachinery/pkg/runtime"
	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
	"sigs.k8s.io/controller-runtime/pkg/client"

	kccAPI "edge-infra.dev/pkg/k8s/konfigkonnector/apis/configconnector/v1beta1"
	configconnector "edge-infra.dev/third_party/k8s/configconnector"
)

const (
	ResourceName = "k8s-cfg-connector"
)

var (
	namespace = "cnrm-system"
)

// LoadManifests reads the manifests from the embedded byte mapping containing
// vendored KCC installation manifests, and decodes the data into unstructured.Unstructured
// objects that can be applied to the K8s API using controller-runtime's client
func LoadManifests() ([]*unstructured.Unstructured, error) {
	return configconnector.LoadManifests()
}

// Install applies loaded manifests to K8s.
//
// Deprecated: One-shot install clients should use the generic SSA Install function
// from pkg/k8s/runtime/ssa instead.
func Install(ctx context.Context, c client.Client, manifests []*unstructured.Unstructured) error {
	// apply namespace first
	for _, manifest := range manifests {
		if manifest.GetKind() == "Namespace" {
			if err := c.Create(ctx, manifest); err != nil && !errors.IsAlreadyExists(err) {
				return err
			}
		}
	}
	// apply everything else
	for _, manifest := range manifests {
		if manifest.GetKind() != "Namespace" {
			if err := c.Create(ctx, manifest); err != nil && !errors.IsAlreadyExists(err) {
				return err
			}
		}
	}

	return nil
}

// CreateScheme builds the runtime.Scheme with the necessary API types for
// creating a client that can install K8s config connector and configure it
// (using their CRDs)
func CreateScheme() *runtime.Scheme {
	scheme := runtime.NewScheme()

	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
	utilruntime.Must(kccAPI.AddToScheme(scheme))

	return scheme
}

// SetupCNRMSystem sets up the cnrm-system namespace for the K8s config connector
// for non-GKE K8s distros
func SetupCNRMSystem(ctx context.Context, c client.Client, secretName string, key []byte) error {
	err := c.Create(ctx, &corev1.Namespace{
		ObjectMeta: metav1.ObjectMeta{Name: namespace},
	})
	if err != nil && !errors.IsAlreadyExists(err) {
		return fmt.Errorf("konfigkonnector.SetupCNRMSystem: failed to create namespace: %w", err)
	}

	err = c.Create(ctx, &corev1.Secret{
		ObjectMeta: metav1.ObjectMeta{Name: secretName, Namespace: namespace},
		Data:       map[string][]byte{"key.json": key},
	})
	if err != nil && !errors.IsAlreadyExists(err) {
		return fmt.Errorf("konfigkonnector.SetupCNRMSystem: failed to create secret: %w", err)
	}

	return nil
}