#!/bin/bash

if [ "$IMAGE_TAG" == "" ]; then
  echo "Make sure IMAGE_TAG is set"
  exit 1
fi
if [ "$GPG_PASSPHRASE" == "" ]; then
  echo "Make sure GPG_PASSPHRASE is set"
  exit 1
fi

IMAGE_NAME=gitea.hottis.de/wn/numbers
NAMESPACE=homea
DEPLOYMENT_DIR=$PWD/deployment

pushd $DEPLOYMENT_DIR > /dev/null
kubectl create namespace $NAMESPACE \
  --dry-run=client \
  -o yaml | \
  kubectl -f - apply

# SECRETS_FILE=`mktemp`
# gpg --decrypt --passphrase $GPG_PASSPHRASE --yes --batch --homedir /tmp/.gnupg --output $SECRETS_FILE secrets.asc
# . $SECRETS_FILE
# rm $SECRETS_FILE
eval "`cat secrets.asc | /usr/local/bin/decrypt-secrets.sh`"

kubectl create secret generic numbers \
  --dry-run=client \
  -o yaml \
  --save-config \
  --from-literal=REDIS_URL="$REDIS_URL" \
  --from-literal=SECRET_KEY="$SECRET_KEY" \
  --from-literal=PGPASSWORD="$PGPASSWORD" \
  --from-literal=PGUSER="$PGUSER" \
  --from-literal=PGHOST="$PGHOST" \
  --from-literal=PGSSLMODE="$PGSSLMODE" \
  --from-literal=PGDATABASE="$PGDATABASE" \
  --from-literal=OIDC_CLIENT_SECRETS="$OIDC_CLIENT_SECRETS" | \
  kubectl apply -f - -n $NAMESPACE

cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
  sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
  kubectl apply -f - -n $NAMESPACE

popd > /dev/null