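# Service Mesh Module
# Deploys Istio, Linkerd, or Kuma across all clusters for cross-cloud communication
#
# Exactly one mesh is installed, selected by var.provider ("istio", "linkerd"
# or "kuma"). Every helm_release below is gated on that value through `count`.
#
# NOTE(review): each helm_release uses count = length(local.clusters) but sets
# no per-cluster provider, so all instances target whatever single helm
# provider the caller configures. With more than one cluster they share the
# same release name and namespace and will collide. The original author's
# note on istio_base acknowledges this is a template to be applied per cluster.
#
# NOTE(review): chart versions are pinned to fixed values. Confirm each pin is
# still a vendor-supported release and check it against published security
# advisories before applying.

locals {
  # Service mesh configuration
  mesh_provider = var.provider

  # Cluster configurations
  # Used as a map below: for_each iterates it and each value exposes `.endpoint`.
  clusters = var.clusters
}

# ============================================
# ISTIO DEPLOYMENT
# ============================================

# Istio CRDs and cluster-wide base resources; creates the istio-system namespace.
resource "helm_release" "istio_base" {
  count = local.mesh_provider == "istio" ? length(local.clusters) : 0

  name             = "istio-base"
  repository       = "https://istio-release.storage.googleapis.com/charts"
  chart            = "base"
  version          = "1.19.0"
  namespace        = "istio-system"
  create_namespace = true

  # Dynamic provider configuration would be needed here
  # For now, this is a template that would be applied per cluster
}

# Istio control plane (istiod).
resource "helm_release" "istio_istiod" {
  count = local.mesh_provider == "istio" ? length(local.clusters) : 0

  name       = "istiod"
  repository = "https://istio-release.storage.googleapis.com/charts"
  chart      = "istiod"
  version    = "1.19.0"
  namespace  = "istio-system"

  values = [yamlencode({
    meshConfig = {
      defaultConfig = {
        proxyStatsMatcher = {
          # ".*" matches every proxy stat name, so all stats are exported.
          # NOTE(review): high metric cardinality; confirm this is intended
          # outside of debugging.
          inclusionRegexps = [".*"]
        }
      }
    }
    pilot = {
      env = {
        # Lets workload entries be shared across clusters.
        # NOTE(review): this widens what a remote cluster can register in the
        # mesh; no mTLS or authorization policy is configured in this file to
        # go with it. Confirm those are applied elsewhere.
        PILOT_ENABLE_CROSS_CLUSTER_WORKLOAD_ENTRY = true
      }
    }
  })]

  depends_on = [helm_release.istio_base]
}

# Istio gateway, used here as the cross-cluster entry point.
resource "helm_release" "istio_gateway" {
  count = local.mesh_provider == "istio" ? length(local.clusters) : 0

  name       = "istio-gateway"
  repository = "https://istio-release.storage.googleapis.com/charts"
  chart      = "gateway"
  version    = "1.19.0"
  namespace  = "istio-system"

  values = [yamlencode({
    service = {
      # NOTE(review): on most clouds a LoadBalancer Service gets an
      # internet-facing address by default. No source-range restriction or
      # internal-LB annotation is set here; confirm exposure is intended.
      type = "LoadBalancer"
    }
  })]

  depends_on = [helm_release.istio_istiod]
}

# ============================================
# LINKERD DEPLOYMENT
# ============================================

# Linkerd CRDs; creates the linkerd namespace.
resource "helm_release" "linkerd_crds" {
  count = local.mesh_provider == "linkerd" ? length(local.clusters) : 0

  name             = "linkerd-crds"
  repository       = "https://helm.linkerd.io/stable"
  chart            = "linkerd-crds"
  version          = "1.15.0"
  namespace        = "linkerd"
  create_namespace = true
}

# Linkerd control plane.
resource "helm_release" "linkerd_control_plane" {
  count = local.mesh_provider == "linkerd" ? length(local.clusters) : 0

  name       = "linkerd-control-plane"
  repository = "https://helm.linkerd.io/stable"
  chart      = "linkerd-control-plane"
  version    = "1.15.0"
  namespace  = "linkerd"

  values = [yamlencode({
    identity = {
      issuer = {
        # The issuer credential is read from a kubernetes.io/tls secret rather
        # than passed inline.
        # NOTE(review): neither that secret nor a trust anchor is supplied in
        # this file. Confirm both are provisioned elsewhere, and that all
        # clusters share one trust root if cross-cluster mTLS is expected.
        scheme = "kubernetes.io/tls"
      }
    }
    proxy = {
      resources = {
        cpu = {
          request = "100m"
        }
        memory = {
          request = "128Mi"
        }
      }
    }
  })]

  depends_on = [helm_release.linkerd_crds]
}

# ============================================
# KUMA DEPLOYMENT
# ============================================

# Kuma control plane in zone mode; creates the kuma-system namespace.
resource "helm_release" "kuma_control_plane" {
  count = local.mesh_provider == "kuma" ? length(local.clusters) : 0

  name             = "kuma"
  repository       = "https://kumahq.github.io/charts"
  chart            = "kuma"
  version          = "2.5.0"
  namespace        = "kuma-system"
  create_namespace = true

  values = [yamlencode({
    controlPlane = {
      # NOTE(review): a zone control plane normally syncs with a global
      # control plane; no global address or zone name is set in this file.
      # Confirm it is supplied elsewhere.
      mode = "zone"
      zones = {
        enabled = true
      }
    }
  })]
}

# ============================================
# CROSS-CLUSTER CONFIGURATION
# ============================================

# Generate configuration files for cross-cluster mesh setup
#
# One YAML file per cluster, listing the endpoints of every *other* cluster.
#
# NOTE(review): var.mTLS_enabled is only recorded in this file. Nothing in this
# module applies it to the Istio, Linkerd or Kuma releases above, so the flag
# does not by itself enforce mutual TLS.
resource "local_file" "mesh_config" {
  for_each = local.clusters

  filename = "${path.module}/../../../../config/mesh/${each.key}-mesh-config.yaml"

  # local_file defaults to mode 0777 for both the file and any directories it
  # creates. These files drive peer-endpoint configuration, so keep them
  # writable by the owner only to prevent tampering by other local users.
  file_permission      = "0644"
  directory_permission = "0755"

  content = yamlencode({
    cluster  = each.key
    provider = local.mesh_provider
    mTLS     = var.mTLS_enabled
    # Peer endpoints: every cluster except the one this file is for.
    endpoints = {
      for k, v in local.clusters : k => v.endpoint
      if k != each.key
    }
  })
}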