consts

const (
	// APIServerSupportAnnotation is the annotation used to enable the API server support for a pod.
	APIServerSupportAnnotation = "liqo.io/api-server-support"
	// APIServerSupportAnnotationValueRemote is the value of the annotation used to enable the API server support for a pod.
	APIServerSupportAnnotationValueRemote = "remote"
	// APIServerSupportAnnotationValueDisabled is the value of the annotation used to disable the API server support for a pod.
	APIServerSupportAnnotationValueDisabled = "disabled"

	// RemoteServiceAccountNameAnnotation is the annotation used to set the name of the service account used by a pod
	// in the remote cluster. This annotation requires the API server support to be "remote" for the pod and the
	// remote service account to be created.
	RemoteServiceAccountNameAnnotation = "liqo.io/remote-service-account-name"

	// LabelsTemplateAnnotationKey contains a cache to store labels keys that belongs to a template.
	LabelsTemplateAnnotationKey = "liqo.io/template-labels"
	// AnnotsTemplateAnnotationKey contains a cache to store annotations keys that belongs to a template.
	AnnotsTemplateAnnotationKey = "liqo.io/template-annotations"

	// UninstallingAnnotationKey is the annotation used to signal liqo is being uninstalled.
	UninstallingAnnotationKey = "liqo.io/uninstalling"
	// UninstallingAnnotationValue is the value of the annotation used to signal liqo is being uninstalled.
	UninstallingAnnotationValue = "true"

	// PreinstalledAnnotKey is the annotation key used to mark a resource created at install-time by Liqo.
	PreinstalledAnnotKey = "liqo.io/preinstalled"
	// PreinstalledAnnotValue is the annotation value used to mark a resource created at install-time by Liqo.
	PreinstalledAnnotValue = "true"

	// WebhookServiceNameAnnotationKey is the constant representing
	// the key of the annotation containing the Webhook service name.
	WebhookServiceNameAnnotationKey = "liqo.io/webhook-service-name"
)

const (
	// AuthKeysSecretName is the name of the secret containing the authentication keys.
	AuthKeysSecretName = "authentication-keys"

	// SignedNonceSecretLabelKey is the label key used to identify signed nonce secrets.
	SignedNonceSecretLabelKey = "liqo.io/signed-nonce" //nolint:gosec // this is not a credential
	// NonceSecretLabelKey is the key used to store the Nonce value in the Secret.
	NonceSecretLabelKey = "liqo.io/nonce" //nolint:gosec // this is not a credential

	// NonceSecretField is the field key where the nonce is stored in the secret.
	NonceSecretField = "nonce"
	// SignedNonceSecretField is the field key where the signed nonce is stored in the secret.
	SignedNonceSecretField = "signedNonce"

	// KubeconfigSecretField is the field key where the kubeconfig is stored in the secret.
	KubeconfigSecretField = "kubeconfig"

	// IdentityTypeLabelKey is the label key to indicate the type of Identity.
	IdentityTypeLabelKey = "liqo.io/identity-type"

	// RemoteTenantNamespaceAnnotKey is the annotation key used to store the remote tenant namespace.
	RemoteTenantNamespaceAnnotKey = "liqo.io/remote-tenant-namespace"

	// ResourceSliceNameLabelKey is the label key used to store the name of the resource slice.
	ResourceSliceNameLabelKey = "liqo.io/resourceslice-name"

	// CreatorLabelKey is the label key used to store the creator of a resource.
	CreatorLabelKey = "liqo.io/creator-user"

	// CreateVirtualNodeAnnotation is the value of the annotation that enables the creation of a virtual node.
	CreateVirtualNodeAnnotation = "liqo.io/create-virtual-node"

	// CordonResourceAnnotation is the value of the annotation that enables the cordon of a resource.
	CordonResourceAnnotation = "liqo.io/cordon"

	// CordonTenantAnnotation is the value of the annotation that enables the cordon of a tenant.
	CordonTenantAnnotation = "liqo.io/cordon-tenant"

	// RenewAnnotation is the value of the annotation that enables the renewal of a resource.
	RenewAnnotation = "liqo.io/renew"

	// PeeringUserNameLabelKey labels all the resources created to grant peering permissions to the user doing a pering toward this cluster.
	PeeringUserNameLabelKey = "liqo.io/peering-user-name"
)

const (
	// ClusterIDLabelName is the name of the label key to use with Cluster ID.
	ClusterIDLabelName = "clusterID"
	// ClusterIDConfigMapKey is the key of the configmap where the cluster-id is stored.
	ClusterIDConfigMapKey = "CLUSTER_ID"
	// ClusterIDConfigMapNameLabelValue value of the name key of the configmap used to get it by label.
	ClusterIDConfigMapNameLabelValue = "clusterid-configmap"
)

const (
	// ProviderClusterLabel is the cluster label used to indicate the cluster provider.
	ProviderClusterLabel = "liqo.io/provider"
	// TopologyRegionClusterLabel is the cluster label used to indicate the cluster region.
	TopologyRegionClusterLabel = "topology.kubernetes.io/region"
)

const (
	// Core.
	CtrlForeignCluster      = "foreigncluster"
	CtrlSecretCRDReplicator = "secret_crdreplicator" //nolint:gosec // not a credential
	CtrlSecretWebhook       = "secret_webhook"

	// Networking.
	CtrlConfigurationExternal  = "configuration_external"
	CtrlConfigurationInternal  = "configuration_internal"
	CtrlConfigurationRemapping = "configuration_remapping"
	CtrlConfigurationRoute     = "configuration_route"
	CtrlConnection             = "connection"
	CtrlFirewallConfiguration  = "firewallconfiguration"
	CtrlGatewayClientExternal  = "gatewayclient_external"
	CtrlGatewayClientInternal  = "gatewayclient_internal"
	CtrlGatewayServerExternal  = "gatewayserver_external"
	CtrlGatewayServerInternal  = "gatewayserver_internal"
	CtrlInternalFabricCM       = "internalfabric_cm"
	CtrlInternalFabricFabric   = "internalfabric_fabric"
	CtrlInternalNodeGeneve     = "internalnode_geneve"
	CtrlInternalNodeRoute      = "internalnode_route"
	CtrlIP                     = "ip"
	CtrlIPRemapping            = "ip_remapping"
	CtrlNetwork                = "network"
	CtrlNode                   = "node"
	CtrlPodGateway             = "pod_gateway"
	CtrlPodGwMasq              = "pod_gw_masq"
	CtrlPodInternalNet         = "pod_internalnet"
	CtrlPublicKey              = "publickey"
	CtrlRouteConfiguration     = "routeconfiguration"
	CtrlWGGatewayClient        = "wggatewayclient"
	CtrlWGGatewayServer        = "wggatewayserver"

	// Authentication.
	CtrlIdentity            = "identity"
	CtrlIdentityCreator     = "identity_creator"
	CtrlRenewLocal          = "renew_local"
	CtrlRenewRemote         = "renew_remote"
	CtrlSecretNonceCreator  = "secret_noncecreator"
	CtrlSecretNonceSigner   = "secret_noncesigner"
	CtrlResourceSliceLocal  = "resourceslice_local"
	CtrlResourceSliceRemote = "resourceslice_remote"
	CtrlTenant              = "tenant"

	// Offloading.
	CtrlNamespaceMap        = "namespacemap"
	CtrlNamespaceOffloading = "namespaceoffloading"
	CtrlNodeFailure         = "node_failure"
	CtrlPodStatus           = "pod_status"
	CtrlShadowEndpointSlice = "shadowendpointslice"
	CtrlShadowPod           = "shadowpod"
	CtrlVirtualNode         = "virtualnode"

	// Cross modules.
	CtrlResourceSliceQuotaCreator = "resourceslice_quotacreator"
	CtrlResourceSliceVNCreator    = "resourceslice_vncreator"
	CtrlPodIPMapping              = "pod_ipmapping"
	CtrlConfigurationIPMapping    = "configuration_ipmapping"
)

const (
	// TenantNamespaceLabel used to mark the tenant namespaces.
	TenantNamespaceLabel = "liqo.io/tenant-namespace"

	// VirtualNodeLabel used to mark the virtual nodes.
	VirtualNodeLabel = "liqo.io/virtual-node"

	// LiqoAppLabelValue is the value of the label used to identify Liqo app.
	LiqoAppLabelValue = "liqo"

	// LiqoRuntimeClassName is the name of the runtimeclass used by Liqo.
	LiqoRuntimeClassName = "liqo"
)

const (
	// IPHostUnreachableKey is the key used to prevent the gateways from adding
	// the firewall rules to make the remapped IP reachable from a remote cluster.
	IPHostUnreachableKey = "networking.liqo.io/host-unreachable"
	// IPHostUnreachableValue is the value used to prevent the gateways from adding
	// the firewall rules to make the remapped IP reachable from a remote cluster.
	IPHostUnreachableValue = "true"

	// GatewayResourceLabel is the label added to a gateway resource.
	GatewayResourceLabel = "networking.liqo.io/gateway-resource"
	// GatewayResourceLabelValue is the value of the label added to a gateway resource.
	GatewayResourceLabelValue = "true"

	// GatewayTypeServer indicates a Gateway of type server.
	GatewayTypeServer = "server"
	// GatewayTypeClient indicates a Gateway of type client.
	GatewayTypeClient = "client"

	// PrivateKeyField is the data field of the secrets containing private keys.
	PrivateKeyField = "privateKey"
	// PublicKeyField is the data field of the secrets containing public keys.
	PublicKeyField = "publicKey"

	// ClusterRoleBindingFinalizer is the finalizer added ti the owner when a ClusterRoleBinding is created.
	ClusterRoleBindingFinalizer = "networking.liqo.io/clusterrolebinding"
	// GatewayNameLabel is the label added to a resource to identify the Gateway it belongs to.
	GatewayNameLabel = "networking.liqo.io/gateway-name"
	// GatewayNamespaceLabel is the label added to a resource to identify the namespace of the Gateway it belongs to.
	GatewayNamespaceLabel = "networking.liqo.io/gateway-namespace"
)

const (
	// DefaultGenevePort is the default port used for the geneve tunnel.
	DefaultGenevePort uint16 = 6091
	// DefaultGeneveCleanupInterval is the default interval used to cleanup the geneve tunnels.
	DefaultGeneveCleanupInterval = time.Minute * 30
	// DefaultRouteTable is the name of the default table used for routes.
	DefaultRouteTable = "liqo"
	// InternalFabricName is the label used to identify the internal fabric name.
	InternalFabricName = "networking.liqo.io/internal-fabric-name"
	// InternalNodeName is the label used to identify the internal node name.
	InternalNodeName = "networking.liqo.io/internal-node-name"
	// InternalFabricGeneveTunnelFinalizer is the finalizer used to ensure that the geneve tunnel is deleted and the
	// id is freed.
	InternalFabricGeneveTunnelFinalizer = "networking.liqo.io/internal-fabric-geneve-tunnel-finalizer"
)

const (
	// IpamPort is the port used by the IPAM gRPC server.
	IpamPort = 6000
	// SyncInterval is the frequency at which the IPAM should periodically sync its status.
	SyncInterval = 2 * time.Minute
	// SyncGracePeriod is the time the IPAM sync routine should wait before performing a deletion.
	SyncGracePeriod = 30 * time.Second
	// NetworkNotRemappedLabelKey is the label key used to mark a Network that does not need CIDR remapping.
	NetworkNotRemappedLabelKey = "ipam.liqo.io/network-not-remapped"
	// NetworkNotRemappedLabelValue is the label value used to mark a Network that does not need CIDR remapping.
	NetworkNotRemappedLabelValue = "true"

	// NetworkTypeLabelKey is the label key used to indicate the type of a Network.
	NetworkTypeLabelKey = "ipam.liqo.io/network-type"
	// NetworkTypePodCIDR is the constant representing a network of type podCIDR.
	NetworkTypePodCIDR NetworkType = "pod-cidr"
	// NetworkTypeServiceCIDR is the constant representing a network of type serviceCIDR.
	NetworkTypeServiceCIDR NetworkType = "service-cidr"
	// NetworkTypeExternalCIDR is the constant representing a network of type externalCIDR.
	NetworkTypeExternalCIDR NetworkType = "external-cidr"
	// NetworkTypeInternalCIDR is the constant representing a network of type internalCIDR.
	NetworkTypeInternalCIDR NetworkType = "internal-cidr"
	// NetworkTypeReserved is the constant representing a network of type reserved subnet.
	NetworkTypeReserved NetworkType = "reserved"

	// IPTypeLabelKey is the label key used to indicate the type of an IP.
	IPTypeLabelKey = "ipam.liqo.io/ip-type"
	// IPTypeAPIServer is the constant representing an IP of type APIServer.
	IPTypeAPIServer = "api-server"
	// IPTypeAPIServerProxy is the constant representing an IP of type APIServerProxy.
	IPTypeAPIServerProxy = "api-server-proxy"

	// NetworkNamespaceLabelKey is the label key used to indicate the namespace of a Network.
	NetworkNamespaceLabelKey = "ipam.liqo.io/network-namespace"
	// NetworkNameLabelKey is the label key used to indicate the name of a Network.
	NetworkNameLabelKey = "ipam.liqo.io/network-name"

	// DefaultCIDRValue is the default value for a string that contains a CIDR.
	DefaultCIDRValue = "None"
)

const (
	// K8sAppNameKey = key of the label used to denote a deployed application name.
	K8sAppNameKey = "app.kubernetes.io/name"
	// K8sAppInstanceKey = key of the label used to denote a deployed application instance.
	K8sAppInstanceKey = "app.kubernetes.io/instance"
	// K8sAppManagedByKey = key of the label used to denote which app is managing the resource.
	K8sAppManagedByKey = "app.kubernetes.io/managed-by"
	// K8sAppComponentKey = key of the label used to denote a deployed application component.
	K8sAppComponentKey = "app.kubernetes.io/component"
	// K8sAppPartOfKey = key of the label used to denote the application a resource is part of.
	K8sAppPartOfKey = "app.kubernetes.io/part-of"

	// ControllerManagerAppName label value that denotes the name of the liqo-controller-manager deployment.
	ControllerManagerAppName = "controller-manager"

	// APIServerProxyAppName label value that denotes the name of the liqo-api-server-proxy deployment.
	APIServerProxyAppName = "proxy"

	// OffloadingComponentKey is the label assigned to the Liqo components related to offloading.
	OffloadingComponentKey = "offloading.liqo.io/component"

	// VirtualKubeletComponentValue is the value to use with the OffloadingComponentKey to label the Virtual Kubelet component.
	VirtualKubeletComponentValue = "virtual-kubelet"

	// NetworkingComponentKey is the label assigned to the Liqo components related to networking.
	NetworkingComponentKey = "networking.liqo.io/component"

	// WebhookResourceLabelKey is the constant representing
	// the key of the label assigned to all Webhook resources.
	WebhookResourceLabelKey = "liqo.io/webhook"
	// WebhookResourceLabelValue is the constant representing
	// the value of the label assigned to all Webhook resources.
	WebhookResourceLabelValue = "true"
)

const (
	// RemoteClusterID is used to obtain cluster-id from different Liqo resources.
	RemoteClusterID = "liqo.io/remote-cluster-id"
	// TypeLabel is the key of a Liqo label that identifies different types of nodes.
	// todo: change to NodeTypeLabel
	TypeLabel = "liqo.io/type"
	// TypeNode is the value of a Liqo label that identifies Liqo virtual nodes.
	// todo: change to VirtualNodeType
	TypeNode = "virtual-node"
	// DocumentationURL is the URL to official Liqo Documentation.
	DocumentationURL = "https://doc.liqo.io/"
	// DefaultNamespaceOffloadingName is the default name of NamespaceOffloading resources. Every namespace that has
	// to be offloaded with Liqo, must have a NamespaceOffloading resource with this name.
	DefaultNamespaceOffloadingName = "offloading"
	// SchedulingLiqoLabel is necessary in order to allow Pods to be scheduled on remote clusters.
	SchedulingLiqoLabel = "liqo.io/scheduling-enabled"
	// SchedulingLiqoLabelValue unique value allowed for SchedulingLiqoLabel.
	SchedulingLiqoLabelValue = "true"

	// RemoteNamespaceManagedByAnnotationKey is the annotation that identifies the NamespaceMap managing a given remote namespace.
	RemoteNamespaceManagedByAnnotationKey = "liqo.io/managed-by-namespace-map"
	// RemoteNamespaceOriginalNameAnnotationKey is the annotation that identifies the original name of a remote namespace.
	RemoteNamespaceOriginalNameAnnotationKey = "liqo.io/original-name"
	// RemoteNamespaceClusterRoleName is the name of the cluster role used to grant permissions to the virtual kubelet in remote namespaces.
	RemoteNamespaceClusterRoleName = "liqo-virtual-kubelet-remote"
)

const (
	// ClusterLabelsParameter is the name of the parameter specifying the cluster labels.
	ClusterLabelsParameter = "cluster-labels"

	// NotApplicable is a constant used to represent a not applicable value.
	NotApplicable = "N/A"
)

const (
	// OwnershipLocal indicates that the resource is owned by the local cluster.
	OwnershipLocal OwnershipType = "Local"
	// OwnershipShared indicates that the ownership over the resource is shared between the two clusters.
	// In particular:
	// - the spec of the resource is owned by the local cluster.
	// - the status by the remote cluster.
	OwnershipShared OwnershipType = "Shared"

	// ReplicationRequestedLabel is the key of a label indicating whether the given resource should be replicated remotely.
	ReplicationRequestedLabel = "liqo.io/replication"
	// ReplicationRequestedLabelValue is the value of a label indicating that the given resource should be replicated remotely.
	ReplicationRequestedLabelValue = "true"
	// ReplicationOriginLabel is the key of a label indicating the origin cluster of a replicated resource.
	ReplicationOriginLabel = "liqo.io/originID"
	// ReplicationDestinationLabel is the key of a label indicating the destination cluster of a replicated resource.
	ReplicationDestinationLabel = "liqo.io/remoteID"
	// ReplicationStatusLabel is the key of a label indicating that this resource has been created by a remote cluster through replication.
	ReplicationStatusLabel = "liqo.io/replicated"

	// LocalPodLabelKey label key added to all the local pods that have been offloaded/replicated to a remote cluster.
	LocalPodLabelKey = "liqo.io/shadowPod"
	// LocalPodLabelValue value of the label added to the local pods that have been offloaded/replicated to a remote cluster.
	LocalPodLabelValue = "true"

	// ManagedByLabelKey is the label key used to indicate that a given resource is managed by another one.
	ManagedByLabelKey = "liqo.io/managed-by"
	// ManagedByShadowPodValue it the label value used to indicate that a given resource is managed by a ShadowPod.
	ManagedByShadowPodValue = "shadowpod"
	// ManagedByShadowEndpointSliceValue it the label value used to indicate that a given resource is managed by a ShadowEndpointSlice.
	ManagedByShadowEndpointSliceValue = "shadowendpointslice"

	// LocalResourceOwnership label key added to a resource when it is owned by a local component.
	// Ex. Local networkconfigs are owned by the component that creates them. If the resource is replicated in
	// a remote cluster this label is removed by the CRDReplicator.
	LocalResourceOwnership = "liqo.io/ownership"

	// ForceRemoteNodePortAnnotationKey is the annotation key used to indicate that a service should be forced to
	// use the same node port on both clusters.
	ForceRemoteNodePortAnnotationKey = "liqo.io/force-remote-node-port"

	// SkipReflectionAnnotationKey is the annotation key used to indicate that a given object should not be reflected into a remote cluster.
	SkipReflectionAnnotationKey = "liqo.io/skip-reflection"

	// AllowReflectionAnnotationKey is the annotation key used to indicate that a given object should be reflected into a remote cluster.
	AllowReflectionAnnotationKey = "liqo.io/allow-reflection"

	// PodAntiAffinityPresetKey is the annotation key used to express an anti-affinity preset to apply to offloaded pods.
	PodAntiAffinityPresetKey = "liqo.io/anti-affinity-preset"

	// PodAntiAffinityPresetValueSoft is the annotation value corresponding to the "soft" anti-affinity preset (i.e., preferred).
	PodAntiAffinityPresetValueSoft = "soft"

	// PodAntiAffinityPresetValueHard is the annotation value corresponding to the "hard" anti-affinity preset (i.e., required).
	PodAntiAffinityPresetValueHard = "hard"

	// PodAntiAffinityPresetValuePropagate is the annotation value corresponding to the propagation of the original pod anti-affinity constrains.
	PodAntiAffinityPresetValuePropagate = "propagate"

	// PodAntiAffinityLabelsKey is the annotation key used to specify a subset of the pod label keys for the anti-affinity constraints.
	PodAntiAffinityLabelsKey = "liqo.io/anti-affinity-labels"

	// RemoteUnavailableKey is the annotation key indicating that the remote cluster hosting the local offloaded pod is currently not available.
	RemoteUnavailableKey = "liqo.io/remote-unavailable"
	// RemoteUnavailableValue is the annotation value of the label indicating that the remote cluster hosting the local offloaded pod is currently
	// not available.
	RemoteUnavailableValue = "true"

	// RemoteRuntimeClassNameAnnotKey is the annotation key used to store the name of the remote pod runtimeclass.
	RemoteRuntimeClassNameAnnotKey = "liqo.io/remote-runtime-class-name"
)

const (
	// StorageProvisionerName is the name of the liqo storage provisioner.
	StorageProvisionerName = "liqo.io/storage"

	// StorageAvailableLabel is the label used to mark if the liqo storage is available on a virtual node.
	StorageAvailableLabel = "storage.liqo.io/available"

	// VirtualPvcNamespaceLabel is the label used to mark the namespace of a virtual PVC.
	VirtualPvcNamespaceLabel = "storage.liqo.io/virtual-pvc-namespace"
	// VirtualPvcNameLabel is the label used to mark the name of a virtual PVC.
	VirtualPvcNameLabel = "storage.liqo.io/virtual-pvc-name"

	// StorageNamespaceLabel is the label used to mark the liqo storage namespace.
	StorageNamespaceLabel = "liqo.io/storage-provisioner"
)

const (
	// VirtualNodeTolerationKey all Pods that have to be scheduled on virtual nodes must have this toleration
	// to Liqo taint.
	VirtualNodeTolerationKey = "virtual-node.liqo.io/not-allowed"

	// WebHookLabel used to mark the resouces related to the Liqo webhooks.
	WebHookLabel = "liqo.io/webhook"

	// WebHookLabelValue is the value of the label used to identify Liqo webhooks.
	WebHookLabelValue = "true"
)

const (
	// DefaultLiqoNamespace represents the default namespace where liqo is installed in.
	DefaultLiqoNamespace = "liqo"
)