using System;

namespace StellaOps.Provcache;

/// <summary>
/// Fluent builder for constructing a VeriKey (provenance identity key).
/// VeriKey is a composite hash that uniquely identifies a provenance decision context.
/// </summary>
/// <remarks>
/// <para>
/// VeriKey = SHA256(source_hash || sbom_hash || vex_hash_set_hash || merge_policy_hash || signer_set_hash || time_window)
/// </para>
/// <para>
/// Each component ensures cache invalidation when relevant inputs change:
/// <list type="bullet">
///   <item><c>source_hash</c>: Different artifacts get different keys</item>
///   <item><c>sbom_hash</c>: SBOM changes (new packages) create new key</item>
///   <item><c>vex_hash_set</c>: VEX updates create new key</item>
///   <item><c>policy_hash</c>: Policy changes create new key</item>
///   <item><c>signer_set_hash</c>: Key rotation creates new key (security)</item>
///   <item><c>time_window</c>: Temporal bucketing enables controlled expiry</item>
/// </list>
/// </para>
/// </remarks>
public sealed partial class VeriKeyBuilder
{
    private string? _sourceHash;
    private string? _sbomHash;
    private string? _vexHashSetHash;
    private string? _mergePolicyHash;
    private string? _signerSetHash;
    private string? _timeWindow;
    private readonly ProvcacheOptions _options;

    /// <summary>
    /// Creates a new VeriKeyBuilder with default options.
    /// </summary>
    public VeriKeyBuilder() : this(new ProvcacheOptions())
    {
    }

    /// <summary>
    /// Creates a new VeriKeyBuilder with the specified options.
    /// </summary>
    /// <param name="options">Provcache configuration options.</param>
    public VeriKeyBuilder(ProvcacheOptions options)
    {
        _options = options ?? throw new ArgumentNullException(nameof(options));
    }
}