package meta

import (
	certManager "antoine-roux.tk/projects/go/pulumi-library/crds/kubernetes/certmanager/v1"
	"fmt"
	"github.com/pulumi/pulumi-kubernetes/sdk/v4/go/kubernetes/core/v1"
	meta "github.com/pulumi/pulumi-kubernetes/sdk/v4/go/kubernetes/meta/v1"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

// CertificateConfiguration describes one TLS certificate to request from
// cert-manager through CreateCertificate.
type CertificateConfiguration struct {
	// Name is used as the Pulumi resource name, as the value of the
	// "app.kubernetes.io/part-of" label, and as the prefix of the target
	// Secret name ("<Name>-certificate").
	Name string

	// Dns is the single DNS name placed in the certificate's dnsNames list.
	// It is forwarded as given; nothing in this type validates it.
	Dns string
}

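// CreateCertificate declares a cert-manager Certificate for this configuration
// in the given namespace, registered as a child of parentApplication.
//
// The resource is named certificate.Name, requests the single DNS name
// certificate.Dns, and asks for the issued certificate to be stored in the
// Secret "<Name>-certificate". Signing is always requested from the
// ClusterIssuer "localdomain-issuer" in group "cfssl-issuer.wikimedia.org".
//
// An error is returned before anything is registered with Pulumi when the
// receiver or namespace is nil, or when Name or Dns is empty. Otherwise the
// result of certManager.NewCertificate is returned unchanged.
//
// NOTE(review): Dns is only checked for emptiness here; hostname syntax and
// wildcard entries are not inspected. Whether a given name may be issued
// presumably depends on the issuer's policy — confirm against the issuer
// configuration.
func (certificate *CertificateConfiguration) CreateCertificate(
	ctx *pulumi.Context,
	namespace *v1.Namespace,
	parentApplication pulumi.Resource,
) (*certManager.Certificate, error) {
	// Fail with an error instead of a nil-pointer panic during the Pulumi run.
	if certificate == nil {
		return nil, fmt.Errorf("create certificate: nil certificate configuration")
	}
	if namespace == nil {
		return nil, fmt.Errorf("create certificate %q: nil namespace", certificate.Name)
	}
	// An empty Name would yield an unnamed resource and a Secret called
	// "-certificate"; an empty Dns would request a certificate for "".
	if certificate.Name == "" {
		return nil, fmt.Errorf("create certificate: empty name")
	}
	if certificate.Dns == "" {
		return nil, fmt.Errorf("create certificate %q: empty DNS name", certificate.Name)
	}

	// Secret that will receive the issued certificate material.
	secretName := fmt.Sprintf("%s-certificate", certificate.Name)

	metadata := &meta.ObjectMetaArgs{
		Namespace: namespace.Metadata.Name(),
		Labels: pulumi.StringMap{
			"app.kubernetes.io/part-of":    pulumi.String(certificate.Name),
			"app.kubernetes.io/managed-by": pulumi.String("pulumi"),
		},
	}

	// The issuer is fixed: every certificate created here is requested from
	// the same cluster-wide issuer.
	issuer := &certManager.CertificateSpecIssuerRefArgs{
		Name:  pulumi.String("localdomain-issuer"),
		Kind:  pulumi.String("ClusterIssuer"),
		Group: pulumi.String("cfssl-issuer.wikimedia.org"),
	}

	spec := &certManager.CertificateSpecArgs{
		SecretName: pulumi.String(secretName),
		DnsNames: pulumi.StringArray{
			pulumi.String(certificate.Dns),
		},
		IssuerRef: issuer,
	}

	return certManager.NewCertificate(ctx, certificate.Name, &certManager.CertificateArgs{
		Metadata: metadata,
		Spec:     spec,
	}, pulumi.Parent(parentApplication))
}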