package engine

import (
	"context"

	"github.com/kyverno/kyverno/api/policies.kyverno.io/v1alpha1"
	"github.com/kyverno/kyverno/pkg/cel/autogen"
	admissionregistrationv1 "k8s.io/api/admissionregistration/v1"
	"k8s.io/apimachinery/pkg/util/sets"
)

// NewIVPOLProvider returns a provider that serves a fixed, pre-built list of
// image verification policies.
//
// For every input policy the list holds one entry for the policy itself,
// followed by one entry per rule returned by autogen.GetAutogenRulesImageVerify.
// A policy that declares no validation action is given Deny, so an
// unconfigured policy fails closed rather than being silently non-enforcing.
//
// The first autogen error aborts construction: a nil provider and that error
// (unwrapped) are returned.
//
// The returned provider ignores its context, never fails, and hands back the
// same slice on every call. Callers should treat the slice and the entries it
// contains as read-only.
func NewIVPOLProvider(policies []v1alpha1.ImageVerificationPolicy) (ImageVerifyPolProviderFunc, error) {
	result := make([]CompiledImageVerificationPolicy, 0, len(policies))
	for i := range policies {
		// Work on a private copy so the stored pointer does not alias the
		// caller's slice element.
		pol := policies[i]

		actions := sets.New(pol.Spec.ValidationAction...)
		if actions.Len() == 0 {
			// Security-relevant default: no explicit action means Deny.
			actions.Insert(admissionregistrationv1.Deny)
		}

		parent := CompiledImageVerificationPolicy{
			Actions: actions,
			Policy:  &pol,
		}
		result = append(result, parent)

		generated, err := autogen.GetAutogenRulesImageVerify(&pol)
		if err != nil {
			return nil, err
		}
		for _, rule := range generated {
			// Only Spec is carried over; every other field of the generated
			// policy is left at its zero value.
			// NOTE(review): if consumers identify policies by name (reports,
			// audit events), generated entries would appear unnamed — confirm.
			derived := &v1alpha1.ImageVerificationPolicy{
				Spec: rule.Spec,
			}
			// The action set is the same value used for the parent entry, so
			// parent and generated entries share it rather than holding copies.
			result = append(result, CompiledImageVerificationPolicy{
				Actions: actions,
				Policy:  derived,
			})
		}
	}

	return func(context.Context) ([]CompiledImageVerificationPolicy, error) {
		return result, nil
	}, nil
}