package attestations

import (
	"encoding/csv"
	"strings"

	"github.com/pkg/errors"
)

const (
	KeyTypeSbom       = "sbom"
	KeyTypeProvenance = "provenance"
)

const (
	// TODO: update this before next buildkit release
	defaultSBOMGenerator = "jedevc/buildkit-syft-scanner:master@sha256:de630f621eb0ab1bb1245cea76d01c5bddfe78af4f5b9adecde424cb7ec5605e"
)

func Filter(v map[string]string) map[string]string {
	attests := make(map[string]string)
	for k, v := range v {
		if strings.HasPrefix(k, "attest:") {
			attests[k] = v
			continue
		}
		if strings.HasPrefix(k, "build-arg:BUILDKIT_ATTEST_") {
			attests[k] = v
			continue
		}
	}
	return attests
}

func Validate(values map[string]map[string]string) (map[string]map[string]string, error) {
	for k := range values {
		if k != KeyTypeSbom && k != KeyTypeProvenance {
			return nil, errors.Errorf("unknown attestation type %q", k)
		}
	}
	return values, nil
}

func Parse(values map[string]string) (map[string]map[string]string, error) {
	attests := make(map[string]string)
	for k, v := range values {
		if strings.HasPrefix(k, "attest:") {
			attests[strings.ToLower(strings.TrimPrefix(k, "attest:"))] = v
			continue
		}
		if strings.HasPrefix(k, "build-arg:BUILDKIT_ATTEST_") {
			attests[strings.ToLower(strings.TrimPrefix(k, "build-arg:BUILDKIT_ATTEST_"))] = v
			continue
		}
	}

	out := make(map[string]map[string]string)
	for k, v := range attests {
		attrs := make(map[string]string)
		out[k] = attrs
		if k == KeyTypeSbom {
			attrs["generator"] = defaultSBOMGenerator
		}
		if v == "" {
			continue
		}
		csvReader := csv.NewReader(strings.NewReader(v))
		fields, err := csvReader.Read()
		if err != nil {
			return nil, errors.Wrapf(err, "failed to parse %s", k)
		}
		for _, field := range fields {
			parts := strings.SplitN(field, "=", 2)
			if len(parts) != 2 {
				parts = append(parts, "")
			}
			attrs[parts[0]] = parts[1]
		}
	}

	return Validate(out)
}