#!/bin/bash -e

# Copyright (C) 2020 The Android Open Source Project
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

usage() {
    me=`basename "$0"`
    echo >&2 "Usage: $me [--output OUTPUT] [--dryrun] CONFIG"
    exit 1
}

while test $# -gt 0 ; do
  case "$1" in
  --output)
    shift
    OUTPUT=$1
    shift
    ;;

  --dryrun)
    DRYRUN="true"
    shift
    ;;

  *)
    break
  esac
done

test -z "$OUTPUT" && OUTPUT="$(dirname $0)/dist"

CONFIG=$1
test -z "$CONFIG" && usage

NAMESPACE=$(yq r $CONFIG namespace)
TMP_CONFIG=$OUTPUT/$(basename $CONFIG)

function updateOrInstall() {
  if test -n "$(helm ls -n $NAMESPACE --short | grep $1)"; then
    echo "upgrade"
  else
    echo "install"
  fi
}

function addHtpasswdEntryUnencrypted() {
  local COMPONENT=$1

  local HTPASSWD=$(htpasswd -nb \
    $(yq r $TMP_CONFIG $COMPONENT.username) \
    $(yq r $TMP_CONFIG $COMPONENT.password))

  yq w -i $TMP_CONFIG $COMPONENT.htpasswd $HTPASSWD
}

function addHtpasswdEntryEncrypted() {
  local COMPONENT=$1

  local HTPASSWD=$(htpasswd -nb \
    $(sops -d --extract "$COMPONENT['username']" $TMP_CONFIG) \
    $(sops -d --extract "$COMPONENT['password']" $TMP_CONFIG))

  sops --set "$COMPONENT['htpasswd'] \"$HTPASSWD\"" $TMP_CONFIG
}

function addDashboards() {
  for dashboard in dashboards/*; do
    local DASHBOARD_NAME="${dashboard%.json}"
    local DASHBOARD_NAME="${DASHBOARD_NAME#"dashboards/"}"

    kubectl create configmap $DASHBOARD_NAME \
      --from-file=$dashboard \
      --dry-run=true \
      --namespace=$NAMESPACE \
      -o yaml > $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml

    yq w -i $OUTPUT/dashboards/$DASHBOARD_NAME.dashboard.yaml \
      metadata.labels.grafana_dashboard $DASHBOARD_NAME
  done
}


function runYtt() {
  ytt \
    -f charts/namespace.yaml \
    -f charts/prometheus/ \
    -f charts/loki/ \
    -f charts/grafana/ \
    -f promtail/ \
    --output-directory $OUTPUT \
    --ignore-unknown-comments \
    -f $1
}

mkdir -p $OUTPUT
cp $CONFIG $TMP_CONFIG

# Fill in templates
if test -z "$(grep -o '^sops:$' $TMP_CONFIG)"; then
  addHtpasswdEntryUnencrypted loki
  addHtpasswdEntryUnencrypted prometheus.server
  echo -e "#@data/values\n---\n$(cat $TMP_CONFIG)" | runYtt -
else
  addHtpasswdEntryEncrypted "['loki']" $TMP_CONFIG
  addHtpasswdEntryEncrypted "['prometheus']['server']" $TMP_CONFIG
  echo -e "#@data/values\n---\n$(sops -d $TMP_CONFIG)" | runYtt -
fi

# Create configmaps with dashboards
mkdir -p $OUTPUT/dashboards
addDashboards

test -n "$DRYRUN" && exit 0

# Install loose components
kubectl apply -f $OUTPUT/namespace.yaml
kubectl apply -f $OUTPUT/configuration
kubectl apply -f $OUTPUT/dashboardsq
kubectl apply -f $OUTPUT/storage

# Add Loki helm repository
helm repo add loki https://grafana.github.io/loki/charts
helm repo update

# Install Prometheus
PROMETHEUS_CHART_NAME=prometheus-$NAMESPACE
helm $(updateOrInstall $PROMETHEUS_CHART_NAME) $PROMETHEUS_CHART_NAME \
  stable/prometheus \
  --version $(cat ./charts/prometheus/VERSION) \
  --values $OUTPUT/prometheus.yaml \
  --namespace $NAMESPACE

# Install Loki
LOKI_CHART_NAME=loki-$NAMESPACE
helm $(updateOrInstall $LOKI_CHART_NAME) $LOKI_CHART_NAME \
  loki/loki \
  --version $(cat ./charts/loki/VERSION) \
  --values $OUTPUT/loki.yaml \
  --namespace $NAMESPACE

# Install Grafana
GRAFANA_CHART_NAME=grafana-$NAMESPACE
helm $(updateOrInstall $GRAFANA_CHART_NAME) $GRAFANA_CHART_NAME \
  stable/grafana \
  --version $(cat ./charts/grafana/VERSION) \
  --values $OUTPUT/grafana.yaml \
  --namespace $NAMESPACE