#!/usr/bin/env nu 
# Info: Prepare for kubernetes default installation
# Author: JesusPerezLorenzo 
# Release: 1.0.2
# Date: 30-12-2023

use lib_provisioning/cmd/env.nu * 
use lib_provisioning/cmd/lib.nu *

use lib_provisioning/utils/ui.nu *

print $"(_ansi green_bold)OS(_ansi reset) with ($env.PROVISIONING_VARS) " 

let defs = load_defs

if $env.PROVISIONING_RESOURCES == null { 
  print $"🛑 PROVISIONING_RESOURCES not found"  
  exit 1
}
let resources_path = $env.PROVISIONING_RESOURCES
if not ($resources_path | path exists) {  ^mkdir -p $resources_path  }

#let WORK_PATH = ${WORK_PATH:-/tmp}
#[ ! -d "$WORK_PATH" ] && mkdir -p "$WORK_PATH"
#export LC_CTYPE=C.UTF-8 
#export LANG=C.UTF-8

export def copy_certs [
  run_root: string
] {
  let provision_path = ($defs.taskserv.prov_etcd_path | default "" | str replace "~" $env.HOME)
  if $provision_path == "" { 
    print $"🛑 prov_path not found taskserv definition"  
    return false
  }
  let src = if ($defs.taskserv.prov_etcd_path | str starts-with "/" ) { 
    $defs.taskserv.prov_etcd_path
  } else if ($defs.taskserv.prov_etcd_path | str starts-with "resources/" ) { 
    ($env.PROVISIONING_SETTINGS_SRC_PATH | path join $defs.taskserv.prov_etcd_path)
  } else { 
    ($env.PROVISIONING_SETTINGS_SRC_PATH | path join "resources" | path join $defs.taskserv.prov_etcd_path)
  } 
  let etcd_certs_path = ($defs.taskserv.etcd_certs_path | default "" | str replace "~" $env.HOME)
  if $etcd_certs_path == "" { print "Error etcd_certs_path not found" ; exit 1 }
  if not ($run_root | path join $etcd_certs_path | path exists) { ^mkdir -p ($run_root | path join $etcd_certs_path)  }
  let etcd_cluster_name = ($defs.taskserv.etcd_cluster_name  | default "")
  if $etcd_cluster_name == "" { 
    print $"🛑 etcd_cluster_name not found in taskserv definition"  
    return false
  }
  let etcd_peer = ($defs.taskserv.etcd_peers | default "")
  for name in [ca $etcd_peer $etcd_cluster_name] {
    if not ($src | path join $"($name).key" | path exists) { continue }
    open ($src | path join $"($name).key") -r | from json | 
    if (sops_cmd "is_sops" ($src | path join $"($name).key")) { 
      let content = (sops_cmd "decrypt" ($src | path join $"($name).key") --error_exit)
      if $content != ""  { $content | save -f ($run_root | path join $etcd_certs_path | path join $"($name).key") } 
    } else {
      cp ($src | path join $"($name).key") ($run_root | path join $etcd_certs_path | path join $"($name).key" )
    }
  }
  if ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key" | path exists ) {
    (cp ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key") 
      ($run_root | path join $etcd_certs_path | path join "server.key"))
    (mv ($run_root | path join $etcd_certs_path | path join $"($etcd_peer).key")
      ($run_root | path join $etcd_certs_path | path join "peer.key"))
  }
  if ($src | path join "ca.crt" | path exists)  {
    cp ($src | path join "ca.crt") ($run_root | path join $etcd_certs_path | path join "ca.crt")
  }
  if ($src | path join $"($etcd_peer).crt" | path exists)  {
    cp ($src | path join $"($etcd_peer).crt") ($run_root | path join $etcd_certs_path | path join "server.crt")
    cp ($src | path join $"($etcd_peer).crt") ($run_root | path join $etcd_certs_path | path join "peer.crt")
  }
  if ($run_root | path join $etcd_certs_path | path join $"($etcd_cluster_name).key" | path exists)  {
    ( mv ($run_root | path join $etcd_certs_path | path join $"($etcd_cluster_name).key")
      ($run_root | path join $etcd_certs_path | path join "healthcheck-client.key"))
  }
  if ($src | path join $"($etcd_cluster_name).crt" | path exists)  {
    ( cp ($src | path join $"($etcd_cluster_name).crt") 
      ($run_root | path join $etcd_certs_path | path join "healthcheck-client.crt"))
  }
  print $"ETCD Certs copied from ($src) to ($run_root | path join $etcd_certs_path)"
  true
}

def main [] { 
  let K8S_MODE = ( $defs.taskserv.mode | default "") 
  let run_root = $env.PROVISIONING_WK_ENV_PATH
  let TEMPLATES_PATH = ($run_root | path join "templates")

  # If HOSTNAME == K8S_MASTER it will be MASTER_0
  # othewise set HOSTNAME value to be resolved in same K8S_MASTER network
  # By using -cp- as part of HOSTNAME will be consider node as controlpanel
  # Other options = "-wk-0"  or "-wkr-0" for worker nodes

  #if ($defs.server.hostname | str contains "-cp-") and $K8S_MODE != "controlplane" and $K8S_MODE == "" {
  let K8S_MASTER = if $defs.taskserv.cp_name == $defs.server.hostname {
    ($defs.server.hostname | default "")
  } else {
    ($defs.taskserv.cp_name | default "")
  }
  let K8S_TPL = ($defs.taskserv.tpl | default "" | str replace ".j2" "")
  let K8S_CONFIG = ($K8S_TPL | str replace ".j2"  "")
  #if ( $defs.server.hostname != "" and $defs.server.hostname == $K8S_MASTER 
  if  ($K8S_MODE == "controlplane" and $K8S_TPL != "" ) {
    if not ($run_root | path join "resources" | path exists) { ^mkdir -p ($run_root | path join "resources") }
    if ($TEMPLATES_PATH | path join $K8S_TPL | path exists ) {
      cp ($TEMPLATES_PATH | path join $K8S_TPL) ($run_root | path join "resources"| path join $K8S_CONFIG)
    } else if ($TEMPLATES_PATH | path join $"($K8S_TPL).j2" | path exists) { 
      cp ($TEMPLATES_PATH | path join $"($K8S_TPL).j2") ($run_root | path join "resources"| path join $"($K8S_CONFIG).j2")
    }
  }
  let res = if $K8S_MODE == "controlplane" and $defs.taskserv.etcd_mode == "external"  { 
    copy_certs $run_root
  } else { true }
  rm -rf ($run_root | path join "templates")
  $res
}
