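# Directories that hold Vault policy files, given relative to this module.
# The list acts as an allowlist: only "*.hcl" files sitting directly in one of
# these directories are loaded (the fileset pattern below is not recursive), so
# a new subdirectory publishes nothing until it is added here.
locals {
  policy_directories = [
    "policies",
    "policies/sys",
    "policies/auth/approle",
    "policies/auth/kubernetes",
    "policies/auth/ldap",
    "policies/auth/token",
    "policies/k8s",
    "policies/pki_int",
    "policies/pki_root",
    "policies/rundeck",
    "policies/ssh-host-signer",
    "policies/sshca",
    "policies/kv/service/glauth/services",
    "policies/kv/service/incus",
    "policies/kv/service/packer",
    "policies/kv/service/puppet/certificates",
    "policies/kv/service/puppetapi",
    "policies/kv/service/terraform",
  ]
}

# Build one { name, path } object per policy file.
#   name - the file's path below "policies/" without the ".hcl" suffix, e.g.
#          "policies/auth/ldap/example.hcl" -> "auth/ldap/example"
#          (constructed example).
#   path - where the file is read from, anchored at path.module so the lookup
#          does not depend on the directory Terraform is invoked from.
# The iteration variable is called "dir" rather than "path" so that it does not
# shadow Terraform's built-in "path" object inside the expression.
locals {
  policy_files = flatten([
    for dir in local.policy_directories : [
      for f in fileset("${path.module}/${dir}", "*.hcl") : {
        # Derived from the module-relative directory, so policy names (and the
        # resource keys below) stay the same wherever the module is located.
        name = trimsuffix(trimprefix("${dir}/${f}", "policies/"), ".hcl")
        path = "${path.module}/${dir}/${f}"
      }
    ]
  ])
}

# Create one Vault policy per discovered file.
# File contents are handed to Vault unmodified, so every change under the
# listed directories is an access-control change and deserves the same review
# as this file. The policy name comes straight from the file name: a file at
# policies/default.hcl would therefore manage Vault's built-in "default"
# policy.
resource "vault_policy" "policies" {
  # Keyed by policy name; two files that map to the same name make the
  # for-expression fail at plan time instead of one silently replacing the other.
  for_each = { for p in local.policy_files : p.name => p }

  name   = each.key
  policy = file(each.value.path)
}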