import { Construct } from 'constructs';
import {
  AcmCertificate,
  AcmCertificateValidation,
} from '../generated/providers/aws/acm';
import { Route53Record } from '../generated/providers/aws/route53';
import { getId } from '../utils';

/** Inputs for the {@link Certificate} construct. */
export type CertificateProps = {
  /** Domain name requested on the ACM certificate. */
  domainName: string;
  /** Route 53 hosted zone in which the DNS validation record is created. */
  zoneId: string;
};

/**
 * Requests an ACM certificate for a single domain and validates it over DNS.
 *
 * Three resources are declared: the certificate itself, one Route 53 record
 * carrying the validation challenge, and an `AcmCertificateValidation` that
 * ties the two together.
 */
export default class Certificate extends Construct {
  /**
   * ARN read from the certificate resource.
   *
   * NOTE(review): this is `AcmCertificate.arn`, not an attribute of the
   * validation resource, so a consumer of `arn` gets no dependency on
   * `AcmCertificateValidation` from this value alone. Confirm that callers do
   * not need to wait for validation before attaching the certificate.
   */
  readonly arn: string;

  constructor(scope: Construct, id: string, props: CertificateProps) {
    super(scope, id);

    // certificate creation based on this: https://www.oss-group.co.nz/blog/automated-certificates-aws
    const dnsBaseId = getId('dns');
    const certId = getId(dnsBaseId, 'cert');
    const recordBaseId = getId(dnsBaseId, 'record');

    const cert = new AcmCertificate(this, certId, {
      domainName: props.domainName,
      validationMethod: 'DNS',
      // Terraform lifecycle setting: on replacement, create the new
      // certificate before the old one is destroyed.
      lifecycle: { createBeforeDestroy: true },
    });

    const validationRecordId = getId(recordBaseId, 'cert');

    /**
     * @NOTE this lookup was based on [this comment](https://github.com/hashicorp/terraform-cdk/issues/430#issuecomment-831511019)
     * as [cdktf does not support iterating computed values](https://github.com/hashicorp/terraform-cdk/issues/994)
     *
     * Builds a raw Terraform expression that reads one attribute of the first
     * entry in the certificate's `domain_validation_options`. Only entry "0"
     * is ever referenced, which matches a certificate requested for a single
     * `domainName`; additional names on the certificate would each need
     * their own validation record.
     */
    const firstValidationOption = (attribute: string): string =>
      `\${tolist(${cert.fqn}.domain_validation_options)["0"].${attribute}}`;

    const validationRecord = new Route53Record(this, validationRecordId, {
      zoneId: props.zoneId,
      // NOTE(review): allowOverwrite lets this record replace an existing
      // record with the same name and type in the zone. Confirm the zone is
      // dedicated enough that an unintended overwrite is not a concern.
      allowOverwrite: true,
      name: firstValidationOption('resource_record_name'),
      type: firstValidationOption('resource_record_type'),
      records: [firstValidationOption('resource_record_value')],
      ttl: 60,
    });

    // validate the certificate
    new AcmCertificateValidation(this, getId(validationRecordId, 'validation'), {
      certificateArn: cert.arn,
      validationRecordFqdns: [validationRecord.fqdn],
    });

    this.arn = cert.arn;
  }
}