package app

import (
	"encoding/base64"
	"fmt"
	"os"

	"github.com/rs/zerolog/log"
	"github.com/spf13/cobra"
	"gitlab.com/tensorsecurity-rd/waf-console/api"
	"gitlab.com/tensorsecurity-rd/waf-console/internal/utils"
	"gitlab.com/tensorsecurity-rd/waf-console/pkg/generated/clientset/versioned"
	"gorm.io/driver/mysql"
	"gorm.io/gorm"
	"k8s.io/client-go/rest"
)

func NewRootCommand() *cobra.Command {
	return &cobra.Command{
		Use:   "waf-console",
		Short: "Start waf-console service.",
		Args:  cobra.ExactArgs(0),
		RunE: func(cmd *cobra.Command, args []string) error {
			config := LoadConfig()
			debugMode := os.Getenv("DEBUG_MODE")
			log.Info().Msgf("DEBUG_MODE: %s", debugMode)
			if debugMode == "true" {
				config.Debug = true
				// config.Conf.Debug = true
			}
			dbConfig := config.DBConfig
			var db *gorm.DB
			var err error
			if dbConfig != nil {
				dns := fmt.Sprintf("%s:%s@tcp(%s:%s)/%s?charset=utf8mb4&parseTime=True&loc=Local", dbConfig.User, dbConfig.Password, dbConfig.Host, dbConfig.Port, dbConfig.Database)
				db, err = gorm.Open(mysql.Open(dns), &gorm.Config{})
				if err != nil {
					panic(err)
				}
			} else {
				panic("dbConfig is nil")
			}

			clusterClientManager := utils.NewClusterClientManager()
			for _, regionConfig := range config.RegionConfigs {
				var caData []byte
				var clientCertData []byte
				var clientKeyData []byte
				if regionConfig.CAData != "" {
					caData, err = base64.StdEncoding.DecodeString(regionConfig.CAData)
					if err != nil {
						panic(err)
					}
				}
				if regionConfig.ClientCertData != "" {
					clientCertData, err = base64.StdEncoding.DecodeString(regionConfig.ClientCertData)
					if err != nil {
						panic(err)
					}
				}
				if regionConfig.ClientKeyData != "" {
					clientKeyData, err = base64.StdEncoding.DecodeString(regionConfig.ClientKeyData)
					if err != nil {
						panic(err)
					}
				}
				client := versioned.NewForConfigOrDie(&rest.Config{
					Host: regionConfig.ApiServer,
					TLSClientConfig: rest.TLSClientConfig{
						Insecure: regionConfig.Insecure,
						CAData:   caData,
						CertData: clientCertData,
						KeyData:  clientKeyData,
					},
					// BearerToken: "1234567890",
				})
				clusterClientManager.AddClient(regionConfig.RegionCode, client)
			}

			e := api.SetRouters(db, clusterClientManager)
			return e.Run(":8080")
		},
	}
}