package cert

import (
	"context"
	"fmt"
	"os"

	internallog "envoy-control-plane/internal/log"
)

const defaultFileMode = 0755

// CertIssuancePrerequisite handles the conditional logic and argument validation for cert issuance.
func CertIssuancePrerequisite(ctx context.Context, webrootpath string) error {
	log := internallog.LogFromContext(ctx)
	log.Infof("Certificate issuance enabled. Validating arguments...")
	if webrootpath == "" {
		log.Errorf("Webroot path is required for certificate issuance")
		return fmt.Errorf("webroot path is required for certificate issuance")
	}

	// 1. Ensure webroot path exists
	if _, err := os.Stat(webrootpath); os.IsNotExist(err) {
		log.Warnf("Webroot path '%s' does not exist. Creating it.", webrootpath)
		if err := os.MkdirAll(webrootpath, defaultFileMode); err != nil {
			log.Errorf("Failed to create webroot path: %v", err)
			return fmt.Errorf("failed to create webroot path: %w", err)
		}
	}
	return nil
}