#!/bin/bash

set -e

PLUGIN_COMPOSE=${PLUGIN_COMPOSE:-compose.yml}
PLUGIN_HOST=${PLUGIN_HOST:-swarm.autonomic.zone}
PLUGIN_PORT=${PLUGIN_PORT:-222}
PLUGIN_PURGE=${PLUGIN_PURGE:-"false"}
PLUGIN_USER=${PLUGIN_USER:-drone}
PLUGIN_RM=${PLUGIN_RM:-"false"}

REMOTE_DOCKER_HOST="ssh://$PLUGIN_USER@$PLUGIN_HOST:$PLUGIN_PORT"

create_networks() {
  echo "--- start create_networks ---"
  IFS=',' read -ra NETWORKS <<< "$PLUGIN_NETWORKS"
  for NETWORK in "${NETWORKS[@]}"; do
    echo "$NETWORK"
    docker -H "$REMOTE_DOCKER_HOST" \
      network create --driver=overlay "$NETWORK" --scope swarm || true
    until [ -n "$(docker -H "$REMOTE_DOCKER_HOST" network ls -f "name=$NETWORK" -q)" ]; do sleep 1; done
  done
  echo "--- end create_networks ---"
}

generate_secrets() {
  echo "--- start secrets ---"
  # FIXME 3wc: use the yq docker image instead; couldn't easily get it working
  VERSION=3.4.0
  BINARY=yq_linux_amd64
  wget https://github.com/mikefarah/yq/releases/download/${VERSION}/${BINARY} -O /usr/bin/yq &&\
    chmod +x /usr/bin/yq

  for SECRET in $(yq r "$PLUGIN_COMPOSE" 'secrets.*.name'); do
    SECRET=$(eval echo "$SECRET")
    if docker -H "$REMOTE_DOCKER_HOST" secret ls | grep -q "$SECRET"; then
      echo "Skipping existing secret $SECRET"
    else
      eval "echo \"generating $SECRET\""
      PW=$(</dev/urandom tr -dc 'A-Za-z0-9' | head -c 40; echo)
      eval "echo \"$PW\" | docker -H \"$REMOTE_DOCKER_HOST\" secret create \"$SECRET\" -";
    fi
  done
  echo "--- end secrets ---"
}

load_deploy_key() {
  echo "--- start ssh key load ---"
  mkdir -p "$HOME/.ssh/"
  ssh-keyscan -p "$PLUGIN_PORT" "$PLUGIN_HOST" > "$HOME/.ssh/known_hosts"

  # shellcheck disable=SC2046,SC2006
  eval `ssh-agent`
  echo "$PLUGIN_DEPLOY_KEY" | ssh-add -
  echo "--- end ssh key load ---"
}

output_versions(){
  echo "--- start versions"
  docker version
  echo "--- end versions"
}

run_stack_deploy() {
  echo "--- start deploy ---"
  docker -H "$REMOTE_DOCKER_HOST" stack deploy -c "$PLUGIN_COMPOSE" "$PLUGIN_STACK"
  echo "--- end deploy ---"
}

run_stack_wait() {
  export DOCKER_HOST="$REMOTE_DOCKER_HOST"
  docker run --rm vitalets/docker-stack-wait-deploy \
    | sed 's/True/true/' \
    | bash /dev/stdin "$PLUGIN_STACK"
  unset DOCKER_HOST
}

run_stack_rm() {
  echo "--- start stack rm ---"
  docker -H "$REMOTE_DOCKER_HOST" stack rm "$PLUGIN_STACK"

  # See https://github.com/moby/moby/issues/30942#issuecomment-540699206
  until [ -z "$(docker -H "$REMOTE_DOCKER_HOST" stack ps "$PLUGIN_STACK" -q)" ]; do sleep 1; done

  echo "--- end stack rm ---"
}

run_purge() {
  echo "--- start purge ---"
  docker -H "$REMOTE_DOCKER_HOST" stack rm "$PLUGIN_STACK"

  # See https://github.com/moby/moby/issues/30942#issuecomment-540699206
  until [ -z "$(docker -H "$REMOTE_DOCKER_HOST" stack ps "$PLUGIN_STACK" -q)" ]; do sleep 1; done
  docker -H "$REMOTE_DOCKER_HOST" system prune --all --volumes --force

  # try and remove all secrets; Docker will leave ones which are in use
  docker -H "$REMOTE_DOCKER_HOST" secret ls --format '{{ .Name }}' | xargs -i sh -c "echo {}; docker -H \"$REMOTE_DOCKER_HOST\" secret rm {} || true"
  echo "--- end purge ---"
}

run_plugin() {
  echo "--- start ssh-stack-deploy ---"
  load_deploy_key
  output_versions

  if [ -n "$PLUGIN_NETWORKS" ]; then
    create_networks
  fi

  if [ -n "$PLUGIN_GENERATE_SECRETS" ]; then
    generate_secrets
  fi

  if [ "$PLUGIN_RM" == "true" ]; then
    run_stack_rm
  fi

  run_stack_deploy

  run_stack_wait

  if [ "$PLUGIN_PURGE" == "true" ]; then
    run_purge
  fi

  echo "--- end ssh-stack-deploy ---"
}

run_plugin