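package main

import (
	"encoding/json"
	"fmt"
	"os"

	"github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
	"github.com/pluralsh/plural-certmanager-webhook/pkg/cmd"
	"github.com/pluralsh/plural-certmanager-webhook/plural"
	extapi "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
	"k8s.io/client-go/rest"
)

// GroupName is the API group this solver is registered under with the
// cert-manager webhook library. It is read from GROUP_NAME and must be set.
var GroupName = os.Getenv("GROUP_NAME")

func main() {
	if GroupName == "" {
		panic("GROUP_NAME must be specified")
	}

	// The endpoint was historically read from the misspelled variable
	// PlURAL_ENDPOINT. Prefer the correctly spelled PLURAL_ENDPOINT and fall
	// back to the old name so existing deployments keep working.
	endpoint := os.Getenv("PLURAL_ENDPOINT")
	if endpoint == "" {
		endpoint = os.Getenv("PlURAL_ENDPOINT")
	}

	// The access token is the only credential this solver holds; it never
	// leaves the process except in calls made by the plural client.
	token := os.Getenv("PLURAL_ACCESS_TOKEN")
	if token == "" {
		fmt.Fprintln(os.Stderr, "warning: PLURAL_ACCESS_TOKEN is not set")
	}

	// This will register our custom DNS provider with the webhook serving
	// library, making it available as an API under the provided GroupName.
	// You can register multiple DNS provider implementations with a single
	// webhook, where the Name() method will be used to disambiguate between
	// the different implementations.
	cmd.RunWebhookServer(GroupName,
		&pluralDnsProviderSolver{
			Token:    token,
			Endpoint: endpoint,
		},
	)
}

// pluralDnsProviderSolver implements the cert-manager webhook solver
// interface against the plural DNS API.
type pluralDnsProviderSolver struct {
	// Token is the plural access token used to authenticate API calls.
	Token string
	// Endpoint is the plural API endpoint the client talks to.
	Endpoint string
}

// pluralDNSProviderConfig is the per-Issuer solver configuration decoded from
// the ChallengeRequest's Config. Both values are handed to plural.NewConfig.
type pluralDNSProviderConfig struct {
	Cluster  string `json:"cluster"`
	Provider string `json:"provider"`
}

// Name returns the solver name used to disambiguate this implementation
// when several solvers share one webhook.
func (c *pluralDnsProviderSolver) Name() string {
	return "plural-solver"
}

// Present is responsible for actually presenting the DNS record with the
// DNS provider.
// This method should tolerate being called multiple times with the same value.
// cert-manager itself will later perform a self check to ensure that the
// solver has correctly configured the DNS provider.
func (c *pluralDnsProviderSolver) Present(ch *v1alpha1.ChallengeRequest) error {
	cfg, err := loadConfig(ch.Config)
	if err != nil {
		return err
	}

	conf := plural.NewConfig(c.Token, c.Endpoint, cfg.Cluster, cfg.Provider)
	client := plural.NewClient(conf)

	// NOTE(review): every call issues CreateRecord again; confirm the plural
	// API treats a duplicate TXT record for the same name as idempotent.
	// ch.Key (the challenge value) is intentionally kept out of the log line.
	_, err = client.CreateRecord(&plural.DnsRecord{
		Type:    "TXT",
		Name:    ch.ResolvedFQDN,
		Records: []string{ch.Key},
	})
	fmt.Printf("attempted to create record for %s\n", ch.ResolvedFQDN)
	if err != nil {
		return fmt.Errorf("creating TXT record for %s: %w", ch.ResolvedFQDN, err)
	}
	return nil
}

// CleanUp should delete the relevant TXT record from the DNS provider console.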
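// If multiple TXT records exist with the same record name (e.g.
// _acme-challenge.example.com) then **only** the record with the same `key`
// value provided on the ChallengeRequest should be cleaned up.
// This is in order to facilitate multiple DNS validations for the same domain
// concurrently.
func (c *pluralDnsProviderSolver) CleanUp(ch *v1alpha1.ChallengeRequest) error {
	cfg, err := loadConfig(ch.Config)
	if err != nil {
		return err
	}

	conf := plural.NewConfig(c.Token, c.Endpoint, cfg.Cluster, cfg.Provider)
	client := plural.NewClient(conf)

	// NOTE(review): DeleteRecord is keyed on FQDN and record type only; ch.Key
	// is never consulted, so a concurrent validation for the same FQDN may
	// lose its TXT record. Confirm whether the plural client can delete by
	// value before relying on concurrent validations.
	if err := client.DeleteRecord(ch.ResolvedFQDN, "TXT"); err != nil {
		return fmt.Errorf("deleting TXT record for %s: %w", ch.ResolvedFQDN, err)
	}
	return nil
}

// Initialize will be called when the webhook first starts.
// This method can be used to instantiate the webhook, i.e. initialising
// connections or warming up caches.
// Typically, the kubeClientConfig parameter is used to build a Kubernetes
// client that can be used to fetch resources from the Kubernetes API, e.g.
// Secret resources containing credentials used to authenticate with DNS
// provider accounts.
// The stopCh can be used to handle early termination of the webhook, in cases
// where a SIGTERM or similar signal is sent to the webhook process.
func (c *pluralDnsProviderSolver) Initialize(kubeClientConfig *rest.Config, stopCh <-chan struct{}) error {
	// No Kubernetes client is built: this solver takes its credentials from
	// the process environment (see main). To source the token from a Secret
	// instead, construct a clientset from kubeClientConfig here and keep it
	// on the solver for Present/CleanUp to use.
	return nil
}

// loadConfig decodes the JSON solver configuration carried on the
// ChallengeRequest into pluralDNSProviderConfig.
// A nil or empty config yields the zero value and no error; a decode failure
// returns the zero value and a wrapped error.
func loadConfig(cfgJSON *extapi.JSON) (pluralDNSProviderConfig, error) {
	var cfg pluralDNSProviderConfig
	// Treat an absent or empty payload alike: there is nothing to decode.
	if cfgJSON == nil || len(cfgJSON.Raw) == 0 {
		return cfg, nil
	}

	if err := json.Unmarshal(cfgJSON.Raw, &cfg); err != nil {
		// Do not hand back a partially populated struct alongside the error.
		return pluralDNSProviderConfig{}, fmt.Errorf("error decoding solver config: %w", err)
	}

	return cfg, nil
}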