#!/bin/bash
#
# Copyright (c) 2018 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -e

DEV_DIR=$(dirname "${0}")/../../dev
EXAMPLE_DIR=$(dirname "${0}")/../../example

source $(dirname "${0}")/common/helpers
kubernetes_env="$(k8s_env)"

# test if we are running against a Minikube, Docker or kind Kubernetes local setup
case "${kubernetes_env}" in
    $NODELESS)
        echo "Found Nodeless Kubernetes ..."
        ;;
    $KIND)
        echo "Found kind ..."
        LOCAL_K8S_HOST_IP=localhost
        ETCD_DATA_DIR="/var/lib/docker/gardener/gardener-etcd"
        ;;
    $DOCKER_FOR_DESKTOP)
        echo "Found Docker Kubernetes ..."
        LOCAL_K8S_HOST_IP=localhost
        ETCD_DATA_DIR="/Users/$(whoami)/.docker/gardener-etcd"
        ;;
    $MINIKUBE)
        echo "Found Minikube ..."
        LOCAL_K8S_HOST_IP="$(minikube ip)"
        ETCD_DATA_DIR="/data/gardener-etcd"
        if [[ "$(uname)" == "Darwin" ]]; then
          echo "After OSX sleep, minikube's time is off."
          echo "This results in x509 certificate auth to not work for shoot certificates"
          minikube ssh -- docker run -i --rm --privileged --pid=host alpine:3.10.3 nsenter -t 1 -m -u -n -i date -u $(date -u +%m%d%H%M%Y)
        fi
        ;;
 esac

mkdir -p ${DEV_DIR}

cp ${EXAMPLE_DIR}/20-componentconfig-*.yaml ${DEV_DIR}/

kubectl apply -f ${EXAMPLE_DIR}/00-namespace-garden.yaml
kubectl apply -f ${EXAMPLE_DIR}/00-namespace-garden-dev.yaml

if [ "${kubernetes_env}" != $NODELESS ] ; then
  cat <<EOF | kubectl apply -f -
apiVersion: apps/v1
kind: Deployment
metadata:
  name: etcd
  namespace: garden
spec:
  replicas: 1
  selector:
    matchLabels:
      run: etcd
  template:
    metadata:
      labels:
        run: etcd
    spec:
      containers:
      - image: quay.io/coreos/etcd:v3.3.17
        name: etcd
        command:
        - etcd
        - -advertise-client-urls=http://${LOCAL_K8S_HOST_IP}:2379
        - -listen-client-urls=http://0.0.0.0:2379
        - -data-dir=/etcd-data
        volumeMounts:
        - mountPath: /etcd-data
          name: data
      volumes:
      - name: data
        hostPath:
          path: ${ETCD_DATA_DIR}
---
apiVersion: v1
kind: Service
metadata:
  name: etcd
  namespace: garden
spec:
  ports:
  - port: 2379
    nodePort: 32379
  selector:
    run: etcd
  type: NodePort
EOF
fi

mkdir -p ${DEV_DIR}/tls

cat <<EOF > "${DEV_DIR}/tls/gardener-admission-controller-ca.crt"
-----BEGIN CERTIFICATE-----
MIIDYDCCAkigAwIBAgIUaa2cFO/CSVrvq8O/0geuMtXLOsIwDQYJKoZIhvcNAQEL
BQAwSDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1TYW4gRnJh
bmNpc2NvMRQwEgYDVQQDEwtleGFtcGxlLm5ldDAeFw0xODA4MTYyMDMyMDBaFw0y
MzA4MTUyMDMyMDBaMEgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UE
BxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEAxMLZXhhbXBsZS5uZXQwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5C8/vhXuEyd0fT6blHpkklDbcnurD4K6S
bFhdLZeGCI+vKW34OtAs8SpAvkJk1/AOgFldPFi7Fa8YmgJCzbGnylFqqrawdBhH
tVYxCAe14u2Sdiq1sOgurDtQ3Gh+Eu5u+P0l16y0dyQxl4dDtwHfz4jrNVadnWDc
T/+PPsd46i0+cOYhkDk7R54EuG+1kXakG4sXVpKy1TMwoynrBVh42L3bskqrVnpT
+gcAzCtoia8XRJ/jhoscXtR0r1tKi3g1J4qA7uX4I9rTsgOBck0exJPRgEmwuO5F
sZ44E8MIox+FVH9NDTcBdIT95XUlcanHJ+PZkRUXZysiM9lnIjBjAgMBAAGjQjBA
MA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQUJU2I
iCrYttHhNhj5hwsQI+MIljANBgkqhkiG9w0BAQsFAAOCAQEATe93evEAI8mdipdm
jpFB9+0W3C2kO1/CtBujN3Pveg98lU9pkKiU9WQ/z+bZDWzTzISvV32OVJCmQSzr
VDRT03cljPiBX9oF577M16O3ZrvPWt1Qz6XzmbOav5bvBWi9iUdLHJm8p6CDHKYX
IDewlUH8+AFiMtwLer4QdWQRy+0iNdnXB8BbvwBlaqMhRZajw2io7yGZgqWVb9ry
6Tl6queZZk2NyK3IDmm7a1exLXPR8vSd2QB6bSBMR75p/FmcVCuW642TYNq0QoUs
W9yT3v1pxQfXki6VLd7/v8BxpNQ3k1V3MKXiK8B08GsD6Ikk9GgMVcdX4ZBemZf3
0cUD2Q==
-----END CERTIFICATE-----
EOF

cat <<EOF > "${DEV_DIR}/tls/gardener-admission-controller-ca.key"
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAuQvP74V7hMndH0+m5R6ZJJQ23J7qw+CukmxYXS2XhgiPrylt
+DrQLPEqQL5CZNfwDoBZXTxYuxWvGJoCQs2xp8pRaqq2sHQYR7VWMQgHteLtknYq
tbDoLqw7UNxofhLubvj9JdestHckMZeHQ7cB38+I6zVWnZ1g3E//jz7HeOotPnDm
IZA5O0eeBLhvtZF2pBuLF1aSstUzMKMp6wVYeNi927JKq1Z6U/oHAMwraImvF0Sf
44aLHF7UdK9bSot4NSeKgO7l+CPa07IDgXJNHsST0YBJsLjuRbGeOBPDCKMfhVR/
TQ03AXSE/eV1JXGpxyfj2ZEVF2crIjPZZyIwYwIDAQABAoIBAFUOZOnIBVqoHwfB
aQlv4xy5M+587ZRTtmp/eq55wmhNjx4IgQ/UmNPPlohj68jGqQVBYdJFZtO3x+Ab
CmcCfWKO0JWjGo5JDtAHPjMTadflEyZ7Qm55fn/Vkv48EZvBv+8qa9H1LOFW0kAp
UneBq07g6iKTRdj0+gzKiMGjLbUZxtNtcDPiIc/Pzs/tSDyxVrtmcKoNd9yx30gJ
3EXFybgt8h1m+cJVEGdpSajWk/rZ0wIXp4FAa5V87EAWbBuBwsvV9xw1Wzao2o4a
p7QdogVPIhqEtbXXTiUN/BwlwUeE8wG5EagmMl3Mc+J3KCEQBTxOW+3Ga4Itr0q4
iyZZKsECgYEA2Yft11w+VNLGwzT+d7fIVpspu3xOZ7w+Vcq3oWmeUK/umHvKOFWK
UrkNGNp8R/94kOjcci6GfR3yx9wvfpJlOTuoQbYw3uH1zHzqE5jzrjC+JpiDfCP+
LyV7qzET5uy63KOnyXJUOSK73fOmOs0aWa8c7bx6uFXoK2U3qYWOQukCgYEA2cU6
hSgVTXaqIjuNB1+R0t1sfZOjKKrWq2mU4gL/5oXq6IhzYaEaAk+d9LE0akglf297
B+7stKT7jVoZk3t9hR9KbzgpR6xB9yosEI0/GqOAxZcFkjXnNZZ4f1TlKc5IXxtc
Hl86WNW5JekUAD/dbdW566SHYKjxcLoY3HAs0WsCgYANy2ztx0+8mVE5d9bbSLBP
ra9L0Go4cduSHTTf6466ly2ORetg/yuya0HFXbWb6zt+FQZFx2WH8ao/ulrYr/fz
VTEqWZ9nwvSPbyx46a4qUbT9RZaw/KdV3g6loIsejcybyVUOlU16AhXf0V+tQux0
24H+IYG2xtveRKDvAyUuYQKBgDGmdAcz8lds/LE9XpQVyAuJjFi9Nm/pM3R1aAp3
oJyQX9SQd64Eqwdn252UYVzyAgqiAiz23mT5UJkTt80WVLHrRm9BILhEn+2YYd+M
NJ0ANjXWjuCdBZAENIjjdDQp4fo9JK2QDJ+AauwnzfWYmgWWuwLsyijRm+qVo2Fu
+ejtAoGAHOHw1DoNmh4LoUDWDPKR0UoVZWgOo3wndmcYqV/Kk2560G2kVR0Btd5n
uoWNQSPM0GqVD1NCoRZJ5aR94JFCYuR5eM6TMojLIWrqXiPlxdVT5g4M52z2u+Dw
odantUaElD11+qUTVFasf6p26Z6YhVbTB8TUhlgRKc5xQFnE3BY=
-----END RSA PRIVATE KEY-----
EOF

cat <<EOF > "${DEV_DIR}/tls/gardener-admission-controller.crt"
-----BEGIN CERTIFICATE-----
MIIEEzCCAvugAwIBAgIJAKVcj0hHoSuaMA0GCSqGSIb3DQEBBQUAMEgxCzAJBgNV
BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIG
A1UEAxMLZXhhbXBsZS5uZXQwHhcNMjAwOTA4MTcyMjQ2WhcNMzAwOTA2MTcyMjQ2
WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
U2FuIEZyYW5jaXNjbzERMA8GA1UECgwIZ2FyZGVuZXIxETAPBgNVBAMMCGdhcmRl
bmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAragksFWulbJPWT/U
npbtg79pOLzsXF2RIyaUOD0HCk9QlrP8a5ojglzEvuNF8NVZeaj090nFRE51Vnou
qUgktnaHNwL3fuZcVyl5J66asiskPsfZcxT5nOC1uIegQWa8bSiqnPRbQUX3QNFS
zA9RmRSTjbRPzBm72Y2grV+vNYysuq1p8l/qs2GDJZTuLpMBYGrWxcmD6bgLy1Um
gCzK58fFnMR8Muq+jCIPsSD1FMD3Q6FVMXi58pHufxl6UgmzbO0phs5SsBE0mhIX
2OHx1VHsk/2OH4GKpOBppcyQLdtpxxfsX8Xg6gazVH5G6nT/rFVUM/S+4UJCOYyd
eQZ/QQIDAQABo4HnMIHkMAkGA1UdEwQCMAAwHQYDVR0OBBYEFAKLcqSN8WadFaaC
aMgbPTrlPUSBMAsGA1UdDwQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
BQUHAwEwgYsGA1UdEQSBgzCBgIcEfwAAAYIJbG9jYWxob3N0gh1nYXJkZW5lci1h
ZG1pc3Npb24tY29udHJvbGxlcoIkZ2FyZGVuZXItYWRtaXNzaW9uLWNvbnRyb2xs
ZXIuZ2FyZGVugihnYXJkZW5lci1hZG1pc3Npb24tY29udHJvbGxlci5nYXJkZW4u
c3ZjMA0GCSqGSIb3DQEBBQUAA4IBAQClPcPMvtjLs/XHQZ+AZ8iCC8PJlbFRp6EW
MABvamp4b/WjC05CM0/bGhxqSTriUHliQsSuxL4LjkX0y9vT1SZlXQ4ukvYh5Nlb
Ocy/OJH67ulKu+gk45P72ZDE9ctnYGY7CXqPwolPHQDYPfpp9JHlnrhctGwG79UD
ZAAbhemvzKSoyiKE/PLutGtPvcEoRi9ZDLl/6/BerTUxm1svo00FBqzUla74btuW
uViZCXagBrBGzjEK1hC6jmD4jxQJWpM1l1B0JnIaP8zG/baBtFLwR93kZKm3MabS
z8pIqr/J04+HQR+VcLkCe7kaJc/sQlN5Ov6snGPvGenPkL5gMrD6
-----END CERTIFICATE-----
EOF

cat <<EOF > "${DEV_DIR}/tls/gardener-admission-controller.key"
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAragksFWulbJPWT/Unpbtg79pOLzsXF2RIyaUOD0HCk9QlrP8
a5ojglzEvuNF8NVZeaj090nFRE51VnouqUgktnaHNwL3fuZcVyl5J66asiskPsfZ
cxT5nOC1uIegQWa8bSiqnPRbQUX3QNFSzA9RmRSTjbRPzBm72Y2grV+vNYysuq1p
8l/qs2GDJZTuLpMBYGrWxcmD6bgLy1UmgCzK58fFnMR8Muq+jCIPsSD1FMD3Q6FV
MXi58pHufxl6UgmzbO0phs5SsBE0mhIX2OHx1VHsk/2OH4GKpOBppcyQLdtpxxfs
X8Xg6gazVH5G6nT/rFVUM/S+4UJCOYydeQZ/QQIDAQABAoIBAAlb4n5OX9ZZgcVB
l2fkonBTRIx2QhbIRCYs0hgl0ddQZvt4P8ZczEUeUswm24IbPXM9E9av9x2zTMeY
ViNxa+kZgjgIxOXl7FwWNB1bX6LyiEWJ58I4AyvdQG3tgUmFC+qmImvLD4/5AVZQ
8bFlsfQaE8mzSgmp6WHULDCr03mDQKAglJQ3oUWJFfqDQUDTf8SpRBw9S0WewpFX
hs9BF6YPxcI6rFqNge8MAUXWeBkP8BQV4S59xtq3szK4ydVCJlSyKaUYpThHiBRU
WU9VSyfA4t68ouUcSYDJ3boR9odYTYU2QdjQxYkOyyNvnqLE4kMP1x7+0zbxrKyy
1LezzkECgYEA2AM1SHzFY35oIt8Lvd0nGkCZFJ8zI8JNPV7HeaJYyfj9MpRrKD5i
2ZRDU1wZ97ML9gMwsTbasW0Nb6aLDQLdZI5boS8XfPRqGUTYkuPj+VzGRlmlx7We
KDVZzPVoNd71H4rPPjfTDGyfoI9jpjyVGJWTuKy2UQgzU/9GP2cQzsUCgYEAzc20
rEYKnpslMHe7puPG5RVOqIdRsyZmcaRbN9OwIguJELaPWx1GVkl8uCPCbZ1tmgnL
AQRCnFhlC5JlggkDdYM1Kwq4HdszHMrmxewbEnzkLMdHtg0sQU6FRSM5HHXVaW/n
6jyiD8p/aZWlo7H35DGRCFU8h4XJYJMGxa2b9k0CgYBSZqbkx/PkSEwhQUSRYNOR
yCKdIz223l/okUc2tx93rGup58QYzfOXXF9yZSfivYJKjlz8vRgfpqIBfV590CH0
QfniOryTBgmTKhgTsKs+bI2WOIxs6nMyk2d2MAdYxXxsU99KtLDlhGpALXKt715Q
yn5XbEsADkjGOhLqDL70oQKBgDagx7iCzwbSv8hhv9nI1F6yjTKG2NTo+IBp1By5
gCNJVJSvINZaqvT0hLqMI2vdQd6FgvE+JEBD5m5v6aneoqBqt445Ri4GpUabRS58
QaNiq16Hdy2HyZt8MDvt4ZcAYCmgnrq6ZXozkiaApnsRHm/gCFNh7LM8e/u6iy2l
q6RxAoGBAMa+VsZ2EPYQ+g9IFTydvkx0MZOL7b08z3F3875k+vU5EJOWanv5DF/f
nIjRtpdOj7GZ4IZYyIAdBNlgPoCX6rc8mhQA4ehT0CN/D/xIkKIz76CtCVtUhE0P
9vnayDhnZXJcT8dPkJHYucd+rydSy2PZUVU2LospQ+V9scuThRID
-----END RSA PRIVATE KEY-----

EOF

$(dirname "${0}")/dev-setup-register-gardener "$@"
