resource "kubernetes_namespace" "external-dns" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "external-dns"
  }
}

resource "kubernetes_secret" "aws_user_external_dns" {
  depends_on = [kubernetes_namespace.external-dns]

  metadata {
    name      = "aws-user-external-dns"
    namespace = "external-dns"
  }

  data = {
    username = aws_iam_access_key.lke-external-dns.id
    password = aws_iam_access_key.lke-external-dns.secret
  }

  type = "kubernetes.io/basic-auth"

}

resource "kubernetes_namespace" "argocd" {
  depends_on = [local_file.kubeconfig]

  metadata {
    name = "argocd"
  }
}

data "aws_secretsmanager_secret" "bitbucket_ssh_argocd_key" {
  name = "bitbucket-ssh-argocd-key"
}

data "aws_secretsmanager_secret_version" "bitbucket_ssh_argocd_key" {
  secret_id = data.aws_secretsmanager_secret.bitbucket_ssh_argocd_key.id
}

resource "kubernetes_secret" "bitbucket_ssh_argocd_key" {
  depends_on = [kubernetes_namespace.argocd]

  metadata {
    name      = "bitbucket-ssh-argocd-key"
    namespace = "argocd"
    labels = {
      "argocd.argoproj.io/secret-type" = "repository"
    }
  }

  data = {
    url           = "git@bitbucket.org:jamkazam/video-iac"
    sshPrivateKey = base64decode(jsondecode(data.aws_secretsmanager_secret_version.bitbucket_ssh_argocd_key.secret_string)["private"])
  }

}

data "kustomization_build" "argocd" {
  depends_on = [kubernetes_namespace.argocd]
  path       = "../k8s/argocd/overlays/staging"
}
resource "kustomization_resource" "argocd" {

  for_each = data.kustomization_build.argocd.ids

  manifest = data.kustomization_build.argocd.manifests[each.value]
}


data "kustomization_build" "applications" {
  depends_on = [kubernetes_namespace.argocd]
  path       = "../k8s/applications"
}
resource "kustomization_resource" "applications" {
  for_each = data.kustomization_build.applications.ids

  manifest = data.kustomization_build.applications.manifests[each.value]
}