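import * as pulumi from "@pulumi/pulumi";
import { Group, Policy, SetupKey, NetBirdConfig } from "./netbird";
import {
  groups as groupConfigs,
  policies as policyConfigs,
  setupKeys as setupKeyConfigs,
} from "./config";

// =============================================================================
// Configuration
// =============================================================================

const config = new pulumi.Config("netbird");

// The API token is read with requireSecret so Pulumi treats it as a secret
// value rather than a plain string.
const netbirdConfig: NetBirdConfig = {
  url: config.require("url"),
  token: config.requireSecret("token"),
};

// =============================================================================
// Create Groups from Config
// =============================================================================

// Groups are created empty (peers: []) and keyed by their config name so that
// policies and setup keys can refer to them by name.
const groups: Record<string, Group> = {};

for (const cfg of groupConfigs) {
  groups[cfg.name] = new Group(
    cfg.name,
    { name: cfg.name, peers: [] },
    netbirdConfig
  );
}

/**
 * Look up a group created above by its config name.
 *
 * A misspelled group name in a policy or setup key would otherwise surface as
 * a bare TypeError from `groups[name].id`; this names the offending entry.
 *
 * @param name - Group name as written in the policy or setup-key config.
 * @param referencedBy - Description of the config entry doing the lookup, used
 *   only in the error message.
 * @returns The Group resource registered under `name`.
 * @throws Error if no group with that name was declared in the group config.
 */
function requireGroup(name: string, referencedBy: string): Group {
  // Own-property check so a name such as "constructor" cannot resolve to
  // something inherited from Object.prototype.
  const group = Object.prototype.hasOwnProperty.call(groups, name)
    ? groups[name]
    : undefined;
  if (group === undefined) {
    throw new Error(
      `${referencedBy} references unknown group "${name}"; ` +
        `declared groups: ${Object.keys(groups).join(", ")}`
    );
  }
  return group;
}

// =============================================================================
// Create Policies from Config
// =============================================================================

const policies: Record<string, Policy> = {};

for (const cfg of policyConfigs) {
  const referencedBy = `policy "${cfg.name}"`;

  // Resolve group names to group IDs.
  // Every rule is created enabled with action "accept". A rule that omits
  // `bidirectional` or `protocol` falls back to true / "all", i.e. the widest
  // setting, so rules meant to be narrower must set both in config.
  const rules = cfg.rules.map((rule) => ({
    name: rule.name,
    description: rule.description || "",
    enabled: true,
    sources: rule.sources.map((name) => requireGroup(name, referencedBy).id),
    destinations: rule.destinations.map(
      (name) => requireGroup(name, referencedBy).id
    ),
    bidirectional: rule.bidirectional ?? true,
    protocol: rule.protocol || "all",
    action: "accept" as const,
  }));

  // Collect all referenced groups (de-duplicated) for explicit dependencies.
  const referencedGroups = [
    ...new Set([
      ...cfg.rules.flatMap((r) => r.sources),
      ...cfg.rules.flatMap((r) => r.destinations),
    ]),
  ].map((name) => requireGroup(name, referencedBy));

  policies[cfg.name] = new Policy(
    cfg.name,
    {
      name: cfg.name,
      description: cfg.description || "",
      enabled: true,
      rules,
    },
    netbirdConfig,
    { dependsOn: referencedGroups }
  );
}

// =============================================================================
// Create Setup Keys from Config
// =============================================================================

const setupKeys: Record<string, SetupKey> = {};

for (const cfg of setupKeyConfigs) {
  const referencedGroups = cfg.groups.map((name) =>
    requireGroup(name, `setup key "${cfg.name}"`)
  );

  // Defaults: type "reusable", usageLimit 0, expiresIn 0.
  // NOTE(review): in the NetBird API a usage limit of 0 means unlimited and an
  // expiry of 0 means the key never expires; confirm the provider in ./netbird
  // forwards these values unchanged. If it does, an entry that sets only a name
  // and groups yields a long-lived enrolment credential for its auto-groups, so
  // usageLimit and expiresInDays should be set explicitly in config.
  setupKeys[cfg.name] = new SetupKey(
    cfg.name,
    {
      name: cfg.name,
      type: cfg.type || "reusable",
      autoGroups: referencedGroups.map((group) => group.id),
      usageLimit: cfg.usageLimit ?? 0,
      expiresIn: (cfg.expiresInDays ?? 0) * 24 * 60 * 60, // Convert days to seconds
      ephemeral: false,
    },
    netbirdConfig,
    { dependsOn: referencedGroups }
  );
}

// =============================================================================
// Outputs
// =============================================================================

export const groupIds = Object.fromEntries(
  Object.entries(groups).map(([name, group]) => [name, group.id])
);

export const policyIds = Object.fromEntries(
  Object.entries(policies).map(([name, policy]) => [name, policy.id])
);

// Setup key values are enrolment credentials; each one is wrapped in
// pulumi.secret so it is exported as a secret stack output.
export const setupKeyValues = Object.fromEntries(
  Object.entries(setupKeys).map(([name, key]) => [name, pulumi.secret(key.key)])
);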