#!/usr/bin/env bash

LABEL="${1:-local-garden}"
SCRIPTPATH="$( cd "$(dirname "$0")" ; pwd -P )"

IMAGE=k8s.gcr.io/kube-controller-manager:v1.17.9
MOUNTS="-v $SCRIPTPATH/certificates/certs:/certs -v $SCRIPTPATH/certificates/keys:/keys -v $SCRIPTPATH/kubeconfigs/default-controller-manager.conf:/kubeconfig"

echo "Starting gardener-dev kube-controller-manager!"
docker run -d --name kube-controller-manager -l $LABEL --network gardener-dev --rm $MOUNTS $IMAGE /usr/local/bin/kube-controller-manager \
  --authentication-kubeconfig="/kubeconfig" \
  --authorization-kubeconfig="/kubeconfig" \
  --cluster-signing-cert-file="/certs/ca.crt" \
  --cluster-signing-key-file="/keys/ca.key" \
  --controllers="namespace,serviceaccount,serviceaccount-token,clusterrole-aggregation,garbagecollector,csrapproving,csrcleaner,csrsigning,bootstrapsigner,tokencleaner" \
  --kubeconfig="/kubeconfig" \
  --root-ca-file="/certs/ca.crt" \
  --service-account-private-key-file="/keys/sa.key" \
  --use-service-account-credentials=true \
  --v=5
