/*
Copyright (c) Edgeless Systems GmbH

SPDX-License-Identifier: AGPL-3.0-only
*/

/*
Package constants contains the constants used by Constellation.
Constants should never be overwritable by command line flags or configuration files.
*/
package constants

import (
	"time"
)

// Cluster naming and the Kubernetes secret that holds the master secret.
const (
	// ConstellationNameLength is the maximum length of a Constellation's name.
	ConstellationNameLength = 37
	// ConstellationMasterSecretStoreName is the name under which the
	// Constellation secrets are stored in Kubernetes.
	ConstellationMasterSecretStoreName = "constellation-mastersecret"
	// ConstellationMasterSecretKey is the key of the master secret inside the
	// master secret store secret.
	ConstellationMasterSecretKey = "mastersecret"
	// ConstellationMasterSecretSalt is the key of the salt inside the master
	// secret store secret.
	ConstellationMasterSecretSalt = "salt"
)

// Ports.
const (
	// JoinServicePort is the port for reaching the join service within Kubernetes.
	JoinServicePort = 9090
	// JoinServiceNodePort is the port for reaching the join service outside of
	// Kubernetes. The value lies inside [NodePortFrom, NodePortTo].
	JoinServiceNodePort = 30090
	// VerifyServicePortHTTP is, by its name, the HTTP port of the verify
	// service; presumably the in-cluster counterpart of
	// VerifyServiceNodePortHTTP — confirm.
	VerifyServicePortHTTP = 8080
	// VerifyServicePortGRPC is, by its name, the gRPC port of the verify
	// service. It has the same value as JoinServicePort.
	// NOTE(review): presumably the two services never share a network
	// namespace — confirm.
	VerifyServicePortGRPC = 9090
	// VerifyServiceNodePortHTTP is, by its name, the node port for the verify
	// service's HTTP endpoint. The value lies inside [NodePortFrom, NodePortTo].
	VerifyServiceNodePortHTTP = 30080
	// VerifyServiceNodePortGRPC is, by its name, the node port for the verify
	// service's gRPC endpoint. The value lies inside [NodePortFrom, NodePortTo].
	VerifyServiceNodePortGRPC = 30081
	// KMSPort is the port the KMS server listens on.
	KMSPort = 9000
	// BootstrapperPort is, by its name, the bootstrapper's port. It has the
	// same value as KMSPort.
	// NOTE(review): presumably the bootstrapper and the KMS never listen in
	// the same network namespace — confirm.
	BootstrapperPort = 9000
	// KubernetesPort is, by its name, the port of the Kubernetes API server.
	KubernetesPort = 6443
	// RecoveryPort is, by its name, the port used for recovery.
	RecoveryPort = 9999
	// EnclaveSSHPort is, by its name, an SSH port distinct from SSHPort.
	// NOTE(review): where it is exposed is not visible here — confirm it is
	// covered by the same firewall rules as the other management ports.
	EnclaveSSHPort = 2222
	// SSHPort is the standard SSH port.
	SSHPort = 22
	// NVMEOverTCPPort is, by its name, the port used for NVMe over TCP.
	NVMEOverTCPPort = 8009
	// DebugdPort is, by its name, the port of debugd.
	// NOTE(review): presumably only reachable on debug images — confirm that
	// production firewall rules do not open it.
	DebugdPort = 4000
	// KonnectivityPort is, by its name, the port used by Konnectivity.
	KonnectivityPort = 8132
	// NodePortFrom is the lower bound of the default NodePort range, see
	// https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
	NodePortFrom = 30000
	// NodePortTo is the upper bound of the default NodePort range, see
	// https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
	NodePortTo = 32767
)

// Filenames. All entries are bare file names except CoreOSAdminConfFilename
// and KubeadmCertificateDir, which are absolute paths.
const (
	// StateFilename is the file name of the Constellation state file.
	StateFilename = "constellation-state.json"
	// ClusterIDsFileName is the file name of the cluster ID file.
	ClusterIDsFileName = "constellation-id.json"
	// ConfigFilename is the file name of the Constellation configuration.
	ConfigFilename = "constellation-conf.yaml"
	// LicenseFilename is the file name of the license file.
	LicenseFilename = "constellation.license"
	// DebugdConfigFilename is the file name of the debugd (cdbg) configuration.
	DebugdConfigFilename = "cdbg-conf.yaml"
	// AdminConfFilename is the file name of the admin configuration.
	// NOTE(review): by its name this file carries cluster admin credentials;
	// presumably it is written with owner-only permissions — confirm at the
	// write site.
	AdminConfFilename = "constellation-admin.conf"
	// MasterSecretFilename is the file name of the master secret file.
	// NOTE(review): by its name this file holds the master secret; presumably
	// it is written with owner-only permissions and never logged — confirm at
	// the write site.
	MasterSecretFilename = "constellation-mastersecret.json"
	// WGQuickConfigFilename is the file name of the wg-quick configuration.
	// NOTE(review): such a configuration normally embeds a private key —
	// confirm the file is created with restrictive permissions.
	WGQuickConfigFilename = "wg0.conf"
	// CoreOSAdminConfFilename is the absolute path of the Kubernetes admin
	// configuration on the node.
	CoreOSAdminConfFilename = "/etc/kubernetes/admin.conf"
	// KubeadmCertificateDir is the absolute path of the kubeadm certificate
	// directory on the node.
	KubeadmCertificateDir = "/etc/kubernetes/pki"
)

// Filenames for Constellation's micro services.
const (
	// ServiceBasePath is the base path for the mounted micro service's files.
	ServiceBasePath = "/var/config"
	// MeasurementsFilename is the filename of CC measurements.
	MeasurementsFilename = "measurements"
	// EnforcedPCRsFilename is the filename for the list of PCRs that are
	// required to pass attestation.
	EnforcedPCRsFilename = "enforcedPCRs"
	// MeasurementSaltFilename is the filename of the salt used in creation of
	// the clusterID.
	MeasurementSaltFilename = "measurementSalt"
	// MeasurementSecretFilename is the filename of the secret used in creation
	// of the clusterID.
	MeasurementSecretFilename = "measurementSecret"
	// IDKeyDigestFilename is the name of the file holding the currently
	// enforced idkeydigest.
	IDKeyDigestFilename = "idkeydigest"
	// EnforceIDKeyDigestFilename is the name of the file configuring whether
	// idkeydigest is enforced or not.
	// NOTE(review): how a missing or unreadable file is treated is decided by
	// the reader of this file, not here — confirm it does not silently fall
	// back to "not enforced".
	EnforceIDKeyDigestFilename = "enforceIdKeyDigest"
	// AzureCVM is the name of the file indicating whether the cluster is
	// expected to run on CVMs or not.
	AzureCVM = "azureCVM"
	// K8sVersion is the filename of the mapped "k8s-version" configMap file.
	K8sVersion = "k8s-version"
)

// CLI.
const (
	// MinControllerCount is, by its name, the minimum number of controller
	// nodes; presumably enforced by the CLI — confirm.
	MinControllerCount = 1
	// MinWorkerCount is, by its name, the minimum number of worker nodes;
	// presumably enforced by the CLI — confirm.
	MinWorkerCount = 1
)

// Kubernetes.
const (
	// KubernetesJoinTokenTTL is, by its name, the time-to-live of a Kubernetes
	// join token: 15 minutes.
	KubernetesJoinTokenTTL = 15 * time.Minute
	// ConstellationNamespace is, by its name, the Kubernetes namespace used by
	// Constellation.
	ConstellationNamespace = "kube-system"
	// JoinConfigMap is, by its name, the name of the join ConfigMap.
	JoinConfigMap = "join-config"
	// InternalConfigMap is, by its name, the name of the internal ConfigMap.
	InternalConfigMap = "internal-config"
)

// Helm.
const (
	// HelmNamespace is, by its name, the namespace used for Helm. It has the
	// same value as ConstellationNamespace.
	HelmNamespace = "kube-system"
)

// Releases.
const (
	// S3PublicBucket contains measurements & releases.
	// NOTE(review): the HTTPS URL alone does not authenticate what the bucket
	// serves; presumably downloads are checked against CosignPublicKey before
	// use — confirm at the call sites.
	S3PublicBucket = "https://public-edgeless-constellation.s3.us-east-2.amazonaws.com/"
	// CosignPublicKey is the PEM-encoded public key for the signatures on all
	// our releases. A public key only verifies signatures; signing is done
	// with the matching private key. Because the value is a compiled-in
	// constant, any change to it changes which release signatures verify and
	// deserves the same scrutiny as a change to the verification code itself.
	CosignPublicKey = `-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEf8F1hpmwE+YCFXzjGtaQcrL6XZVT
JmEe5iSLvG1SyQSAew7WdMKF6o9t8e2TFuCkzlOhhlws2OHWbiFZnFWCFw==
-----END PUBLIC KEY-----
`
)

// VersionInfo is the version of a binary. Left as a separate variable to allow override during build;
// "0.0.0" is the value when no override is applied.
// NOTE(review): presumably overridden with the linker's -X flag — confirm against the build scripts.
// As an exported var it can also be reassigned at runtime by any importing package, so treat it as
// informational rather than as an input to security decisions.
var VersionInfo = "0.0.0"