package daemon

import (
	"context"
	"fmt"
	"strings"

	"banger/internal/guest"
	"banger/internal/model"
)

func (s *ImageService) seedAuthorizedKeyOnExt4Image(ctx context.Context, imagePath string) (string, error) {
	if strings.TrimSpace(s.config.SSHKeyPath) == "" {
		return "", nil
	}
	fingerprint, err := guest.AuthorizedPublicKeyFingerprint(s.config.SSHKeyPath)
	if err != nil {
		return "", fmt.Errorf("derive authorized ssh key fingerprint: %w", err)
	}
	publicKey, err := guest.AuthorizedPublicKey(s.config.SSHKeyPath)
	if err != nil {
		return "", fmt.Errorf("derive authorized ssh key: %w", err)
	}
	if err := provisionAuthorizedKey(ctx, s.runner, imagePath, publicKey); err != nil {
		return "", err
	}
	return fingerprint, nil
}

func (s *ImageService) refreshManagedWorkSeedFingerprint(ctx context.Context, image model.Image, fingerprint string) error {
	if !image.Managed || strings.TrimSpace(image.WorkSeedPath) == "" || strings.TrimSpace(fingerprint) == "" {
		return nil
	}
	seededFingerprint, err := s.seedAuthorizedKeyOnExt4Image(ctx, image.WorkSeedPath)
	if err != nil {
		return err
	}
	if seededFingerprint == "" || seededFingerprint == image.SeededSSHPublicKeyFingerprint {
		return nil
	}
	image.SeededSSHPublicKeyFingerprint = seededFingerprint
	image.UpdatedAt = model.Now()
	return s.store.UpsertImage(ctx, image)
}