#!/bin/bash
# SPDX-License-Identifier: MulanPSL-2.0+
# Copyright (c) 2020 Huawei Technologies Co., Ltd. All rights reserved.

CONTAINER_PATH="$CCI_SRC/container"

source ${CCI_SRC}/lib/log.sh

log_dir=/var/log/upgrade-deploy

timestamp=$(date "+%Y%m%d%H%M%s")

[ -d "$log_dir" ] || mkdir -p $log_dir

build_depends()
{
	local container=$1

	for dep in $(cat $container/*-depends 2> /dev/null)
	do
		build_depends $CONTAINER_PATH/$dep &
	done
	wait

	do_one_build $container
}

check_build()
{
	local container=$1
	local build_log=$2

	[ -d "$container/k8s" ] || return
	grep -q "docker build " $container/build || return
	grep -q "^Successfully tagged" $build_log || {
		echo "Failed to build $container" >> $log_dir/$timestamp
	}
}

do_one_build()
{
	local container=$1
	local container_name=$(basename $container)
	local build_log=$tmpdir/$container_name.log
	lockfile-create -q --use-pid --retry 100 --lock-name "build_${container_name}".lock

	mkdir $tmpdir/$container_name 2>/dev/null &&
	(
		cd "$container"
		[ -x build ] && ./build | tee -a $build_log
		check_build $container $build_log
		[ -x install ] && ./install
	)
	lockfile-remove --lock-name "build_${container_name}".lock
}

start_depends()
{
	local container=$1

	for dep in $(cat $container/start-depends 2> /dev/null)
	do
		start_depends $CONTAINER_PATH/$dep &
	done
	wait

	if [ "$deploy_k8s" = "true" ]; then
		do_one_pod $container
	else
		do_one_run $container
	fi
}

do_one_pod()
{

	[ ! -d "$container/k8s/" ] && return
	[ "$(ls -A $container/k8s)" = "" ] && return

	local container=$1
	local container_name=$(basename $container)
	lockfile-create -q --use-pid --retry 100 --lock-name "start_${container_name}".lock

	mkdir $tmpdir/start_$container_name 2>/dev/null &&
	(
		cd "$container"

		local list=(es etcd logging-es rabbitmq redis)
		for item in ${list[@]}
		do
			[ "$container_name"  == ${item} ] && {
				kubectl get deploy $item -n ems1 >/dev/null 2>&1 || kubectl get sts $item -n ems1 >/dev/null 2>&1
				[ "$?" = 0 ] && exit
			}
		done

		[ -x start ] && ./start
	)
	lockfile-remove --lock-name "start_${container_name}".lock
}

do_one_run()
{
	local container=$1
	local container_name=$(basename $container)
	lockfile-create -q --use-pid --retry 100 --lock-name "start_${container_name}".lock

	mkdir $tmpdir/start_$container_name 2>/dev/null &&
	(
		cd "$container"
		declare -A dic
		local dic=(['ssh-r']='ssh_r' ['etcd']='etcd-server' ['rabbitmq']='rabbitmq' ['es']='es-server01' ['redis']='redis507s01' ['rpm-repo']='update-repodata')
		for item in ${!dic[@]}
		do
			[ "$container_name"  == ${item} ] && {
				container_id=$(docker ps -aqf name=${dic[${item}]})
				[ -n "$container_id" ] && exit
			}
		done
		[ -x first-run ] && ./first-run
		[ -x start ] && ./start
	)
	lockfile-remove --lock-name "start_${container_name}".lock
}

build_all()
{
	for dir in $CONTAINER_PATH/*/
	do
		build_depends $dir &
	done
	wait
}

start_all()
{
	for dir in $CONTAINER_PATH/*/
	do
		start_depends $dir &
	done
	wait
}

create_es_cert()
{
	gpg_dir=/etc/gpg-key/
	[ -e "$gpg_dir/elastic-certificates.p12" ] && return

	container_name="es-cert-$(< /dev/urandom tr -dc "a-zA-Z0-9" | head -c 10; echo)"

	docker run --name ${container_name} -v ${gpg_dir}:${gpg_dir} \
		-u root --rm es:7.11.1 sh -c "\
		echo -e '\n\n' | ./bin/elasticsearch-certutil ca && \
		echo -e '\n\n\n' | ./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12 && \
		cp /usr/share/elasticsearch/elastic-certificates.p12 ${gpg_dir}"

	[ -e "$gpg_dir/elastic-certificates.p12" ] || {
		echo "create es cert failed!"
		exit
	}
}

load_all()
{
  arch=$(arch)

  script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
  images_dir="/images"

  mkdir -p "$images_dir"
  cd "$images_dir" || exit

  echo "==============导入微服务镜像================"
  wget -O index.html "https://eulermaker.compass-ci.openeuler.openatom.cn/api/ems1/repositories/EulerMaker/latest/$arch/"

  grep -o '<a href="[^"]*\.tar\.gz">' index.html | sed 's/<a href="//; s/">//' | while read -r filename; do
    wget "https://eulermaker.compass-ci.openeuler.openatom.cn/api/ems1/repositories/EulerMaker/latest/$arch/$filename"
    gunzip -d "$filename"
    docker load -i "$(basename "$filename" .gz)"
  done

  for image in $(docker images | awk '{if ($2 == "<none>") {print $1} else {print $1":"$2}}' | awk -F '/' '{print $2}'); do
    eval $(docker tag "registry.kubeoperator.io:8082/$image" "$image")
    if [[ "$image" == "es"* ]]; then
        echo "==============build es================"
        cd $CCI_SRC/sparrow/offline-load-EM-image/es
        ./build $image
    fi
    if [[ "$image" == "wgcloud-server"* ]]; then
        echo "==============build wgcloud-server================"
        cd $CCI_SRC/sparrow/offline-load-EM-image/wgcloud-server
        ./build $image
    fi
    if [[ "$image" == "result-webdav"* ]]; then
        echo "==============build result-webdav================"
        cd $CCI_SRC/sparrow/offline-load-EM-image/result-webdav
        ./build $image
    fi
    bash $CONTAINER_PATH/push "$image"
  done

  rm -f "$images_dir/index.html"

  build_depends $CONTAINER_PATH/squid

  cd $script_dir
}

tmpdir=$(mktemp -d)

if [ "$ENABLE_OFFLINE_DEPLOY" = "True" ]; then
  load_all
else
  build_all
fi
create_es_cert
[ "$deploy_k8s" = "true" ] && {
	sh $CCI_SRC/sparrow/k8s/generate-secrets
	kubectl delete -f $CCI_SRC/container/secrets.yaml -n ems1  >/dev/null 2>&1
	kubectl create -f $CCI_SRC/container/secrets.yaml --validate=false -n ems1
}
start_all

rm -fr $tmpdir
