# frozen_string_literal: true

module Neetob
  class CLI
    module MonthlyAudit
      module InstancesAndAddons
        module NeetoDeployOrHeroku
          class SslCertificatesOverThirtyDaysFromExpiry < CLI::Base
            def initialize
              super()
            end

            def run
              ui.success "### 3.1.1. Checking whether SSL certificates are over 30 days from expiry"
              apps_data = [["App", "Certificates expiring before 30 days present?", "Comments", "Audit Passed"]]
              ui.info("\n", print_to_audit_log: false)
              Neetob::CLI::Sre::Base::APPS_LIST[:neetodeploy].select { |app| app.include?("production") }.each do |app|
                ui.info("Checking Certificates status for #{app}", print_to_audit_log: false)
                certificates_status = Neetob::CLI::NeetoDeploy::Certificates.new(app).run
                audit_passed = nil
                comments = nil
                certificates_expiring_in_less_than_30_days = "No"
                if certificates_status.is_a?(Hash) && certificates_status["error"] == "Forbidden"
                  audit_passed = "No"
                  comments = "You do not have permission to access the certificates for this app."
                else
                  audit_passed = certificates_status.any? { |certificate| certificate["expires_before_30_days"] } ? "No" : "Yes"
                  certificates_expiring_in_less_than_30_days = "Yes" if audit_passed == "No"
                  if audit_passed == "No"
                    certificates_failing_audit = certificates_status.select { |certificate| certificate["expires_before_30_days"] }.map { |certificate| certificate["name"] }
                    comments = "Certificates #{certificates_failing_audit.join(", ")} are expiring in less than 30 days."
                  end
                end
                apps_data << [app, certificates_expiring_in_less_than_30_days, comments, audit_passed]
              end
              Neetob::CLI::Sre::Base::APPS_LIST[:heroku].select { |app| app.include?("production") }.each do |app|
                ui.info("Checking Certificates status for #{app}", print_to_audit_log: false)
                certificates_status = Neetob::CLI::Heroku::Certs.new(app).run
                certificates_expiring_in_less_than_30_days = certificates_status.select { |certificate| DateTime.parse(certificate[:expires]) <= 32.days.from_now }
                comments = nil
                audit_passed = "No"
                certificates_expiring_in_less_than_30_days_present = "No"
                if certificates_expiring_in_less_than_30_days.empty?
                  audit_passed = "Yes"
                else
                  comments = "Certificates #{certificates_expiring_in_less_than_30_days.map { |certificate| certificate[:name] }.join(", ")} are expiring in less than 30 days."
                  certificates_expiring_in_less_than_30_days_present = "Yes"
                end
                apps_data << [app, certificates_expiring_in_less_than_30_days_present, comments, audit_passed]
              end
              ui.print_table(apps_data)
            end
          end
        end
      end
    end
  end
end