import os
from google.cloud import secretmanager
from google.oauth2 import service_account
from dotenv import load_dotenv
import google.api_core

"""
A simple script to port environment variables from a .env file to Google Cloud Secret Manager.

Be sure to set the USE_TEST_MODE variable before running this script to determine which project's secrets to update.
"""

# Path to your .env file
dotenv_path = '../.env'

# Load variables from .env file
load_dotenv()

# Set your Google Cloud Project ID

USE_TEST_MODE = os.getenv('USE_TEST_MODE', 'false').lower() == 'true'

PROJECT_ID = 'storyitapp-dev' if USE_TEST_MODE else 'storyitapp'

credentials = service_account.Credentials.from_service_account_file(
                os.path.join(os.path.dirname(__file__), '..', 'storyitapp-dev-37436c53ccb9.json' if USE_TEST_MODE else 'storyitapp-deaec6dfc398.json')
            )

# Initialize the Secret Manager client
client = secretmanager.SecretManagerServiceClient(credentials=credentials)

# Function to create a secret in Google Cloud Secret Manager
def create_secret(name, payload):
    parent = f"projects/{PROJECT_ID}"
    secret_id = name

    # Create the secret
    try:
        response = client.create_secret(
            request={
                "parent": parent,
                "secret_id": secret_id,
                "secret": {"replication": {"automatic": {}}},
            }
        )
        print(f"Created secret: {name}")

        # Remove single quotes from the payload
        payload = payload.strip("'")

        # Add the secret version
        secret_name = response.name
        client.add_secret_version(
            request={"parent": secret_name, "payload": {"data": payload.encode("UTF-8")}}
        )
        print(f"Added secret version: {name}")
    except (google.api_core.exceptions.AlreadyExists):
        print("Secret already exists... Skipping this one.")

# Function to parse the .env file and return a dictionary of key-value pairs
def parse_dotenv(dotenv_path):
    excluded_values = ["prod"] if USE_TEST_MODE else ["test", "dev"] 
    with open(dotenv_path, 'r') as f:
        lines = f.readlines()
    env_vars = {}
    for line in lines:
        if line.strip() and not line.startswith('#'):
            key, value = line.strip().split('=', 1)
            key = key.strip()
            value = value.strip()
            if not any(excluded_value in key.lower() for excluded_value in excluded_values):
                env_vars[key] = value
    return env_vars

# Read variables from .env file
env_vars = parse_dotenv(dotenv_path)

# Create a secret for each variable
for key, value in env_vars.items():
    create_secret(key, value)