data "azurerm_user_assigned_identity" "containerapp" {
  name                = "containerappidentity"
  resource_group_name = data.azurerm_resource_group.rg.name
}

data "azurerm_resource_group" "rg" {
  name = "res_grp_name"
}

# Create a Storage Account for Function App
resource "azurerm_storage_account" "storage_account" {
  name                     = "sotrageaccname"
  resource_group_name      = data.azurerm_resource_group.rg.name
  location                 = data.azurerm_resource_group.rg.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

# Create an App Service Plan for Function App
resource "azurerm_service_plan" "service_plan" {
  name                = "${local.customized_name}-service-plan"
  resource_group_name = data.azurerm_resource_group.rg.name
  location            = data.azurerm_resource_group.rg.location
  os_type             = "Linux"
  sku_name            = "Y1"
}

# Create an Application Insights instance
resource "azurerm_application_insights" "app_insights" {
  name                = "${local.customized_name}-appinsights"
  resource_group_name = data.azurerm_resource_group.rg.name
  location            = data.azurerm_resource_group.rg.location
  application_type    = "web"
}

# Create a Linux Function App with a custom container
resource "azurerm_linux_function_app" "function_app" {
  name                       = "${local.customized_name}-function-app"
  resource_group_name        = data.azurerm_resource_group.rg.name
  location                   = data.azurerm_resource_group.rg.location
  storage_account_name       = azurerm_storage_account.storage_account.name
  storage_account_access_key = azurerm_storage_account.storage_account.primary_access_key
  service_plan_id            = azurerm_service_plan.service_plan.id

  identity {
    type         = "UserAssigned"
    identity_ids = [data.azurerm_user_assigned_identity.containerapp.id]
  }

  site_config {
    container_registry_use_managed_identity = true
    application_stack {
      docker {
        image_name   = "azure-function-app"
        image_tag    = "v2"
        registry_url = "azureiam.azurecr.io"
      }
    }
  }

  app_settings = {
    "FUNCTIONS_WORKER_RUNTIME"              = "python"
    "WEBSITE_RUN_FROM_PACKAGE"              = "1"
    "APPINSIGHTS_INSTRUMENTATIONKEY"        = azurerm_application_insights.app_insights.instrumentation_key
    "APPLICATIONINSIGHTS_CONNECTION_STRING" = azurerm_application_insights.app_insights.connection_string

    # 🔹 Store authentication credentials
    "COMPANY_SUBSCRIPTION_ID"             = "$COMPANY_SUBSCRIPTION_ID"
    "CUSTOMER_TENANT_ID"                  = "$CUSTOMER_TENANT_ID"
    "CUSTOMER_SUBSCRIPTION_ID"            = "$CUSTOMER_SUBSCRIPTION_ID"
    "CUSTOMER_APP_ID"                     = "$CUSTOMER_APP_ID"
    "CUSTOMER_CLIENT_SECRET"              = "x_p8Q~96nXqwmul2FBVxMprik5-bcBd9VaQxWcgL"
    "GITHUB_USERNAME"                     = "$CUSTOMER_CLIENT_SECRET"
    "GITHUB_TOKEN"                        = "$GITHUB_TOKEN"
    "AZURE_TENANT_ID"                     = "$AZURE_TENANT_ID"
    "AZURE_CLIENT_ID"                     = "$AZURE_CLIENT_ID"
    "AZURE_CLIENT_SECRET"                 = "$AZURE_CLIENT_SECRET"
    "TEST_AZURE_SERVICE_PRINCIPAL_ID"     = "$TEST_AZURE_SERVICE_PRINCIPAL_ID"
    "TEST_AZURE_SERVICE_PRINCIPAL_SECRET" = "$TEST_AZURE_SERVICE_PRINCIPAL_SECRET"
    "TEST_AZURE_TENANT_ID"                = "$TEST_AZURE_TENANT_ID"
    "AZURE_SUBSCRIPTION_ID"               = "$AZURE_SUBSCRIPTION_ID"
  }
}