# locals.tf defines common expressions used by the module.

locals {
  # Project containing existing Cloud SQL instance.
  sql_instance_project = coalesce(var.sql_instance_project, var.project)

  # Should a DNS domain mapping be created?
  domain_mapping_present = anytrue([for dm in google_cloud_run_domain_mapping.webapp : true])

  # DNS names for web app
  dns_names = var.dns_name != "" ? [var.dns_name] : var.dns_names

  # DNS records for webapp. Merge records from any domain mappings or load balancers.
  dns_records = flatten(concat(
    [
      for domain_mapping in google_cloud_run_domain_mapping.webapp : [
        {
          type   = domain_mapping.status[0].resource_records[0].type
          rrdata = domain_mapping.status[0].resource_records[0].rrdata
        }
      ]
    ],
    [
      for load_balancer in module.webapp_http_load_balancer : [
        {
          type   = "A"
          rrdata = load_balancer.external_ip
        },
        {
          type   = "AAAA"
          rrdata = load_balancer.external_ipv6_address
        }
      ]
    ]
  ))

  # Certain ingress styles imply that we disallow external access to the base Cloud Run service.
  webapp_allowed_ingress = lookup({
    load-balancer = "internal-and-cloud-load-balancing"
  }, var.ingress_style, var.allowed_ingress)

  # Do we need to enable the 'beta' launch stage - only required if certain beta
  # functionality is being used, or if `enable_beta_launch_stage` is set downstream.
  enable_beta_launch_stage = (
    var.enable_beta_launch_stage || length(var.secrets_volume) != 0 || length(var.secrets_envars) != 0
  )

  # Hosts to monitor. We use the automatic host from Cloud Run and any custom
  # domain mapped host.
  monitor_hosts = var.disable_monitoring ? [] : concat(
    [trimsuffix(trimprefix(google_cloud_run_service.webapp.status[0].url, "https://"), "/")],
    var.allow_unauthenticated_invocations ? local.dns_names : [],
  )
}