#!/usr/bin/env bash

function gitops_aiservice_tenant_help() {
  [[ -n "$1" ]] && echo_warning "$1"
  reset_colors
  cat << EOM
Usage:
  mas gitops-aiservice-tenant [options]
Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable.
When no options are specified on the command line, interactive-mode will be enabled by default.

Basic Configuration:
  -d, --dir ${COLOR_YELLOW}GITOPS_WORKING_DIR${TEXT_RESET}                                                  Directory for GitOps repository
  -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET}                                                   Account name that the cluster belongs to
  -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET}                                                   Cluster ID
  -i, --Instance-id ${COLOR_YELLOW}INSTANCE_ID${TEXT_RESET}                                                 Instance ID

ibm_aiservice_tenant(required):
      --aiservice-instance-id ${COLOR_YELLOW}AISERVICE_INSTANCE_ID${TEXT_RESET}                             The AiService instance ID used by AI Service
      --tenantNamespace ${COLOR_YELLOW}TENANT_NAMESPACE${TEXT_RESET}                                        The tenant's Kubernetes namespace
      --tenant-id ${COLOR_YELLOW}TENANT_ID${TEXT_RESET}                                                     The tenant ID for the AI Service instance
      --cluster-domain ${COLOR_YELLOW}CLUSTER_DOMAIN${TEXT_RESET}                                           The domain name of the Kubernetes cluster (e.g., cluster.local)
      --drocfg-url ${COLOR_YELLOW}DROCFG_URL${TEXT_RESET}                                                   URL of the DRO configuration service
      --slscfg-url ${COLOR_YELLOW}SLSCFG_URL${TEXT_RESET}                                                   URL of the SLS configuration service
      --aiservice-watsonxai-url ${COLOR_YELLOW}AISERVICE_WATSONXAI_URL${TEXT_RESET}                         Endpoint URL for Watsonx.ai
      --aiservice-watsonx-full ${COLOR_YELLOW}AISERVICE_WATSONX_FULL${TEXT_RESET}                           Full URL for Watsonx.ai including API key

AiService :
--aiservice-namespace ${COLOR_YELLOW}AISERVICE_NAMESPACE${TEXT_RESET}                                       The namespace where AI Service is deployed
--aiservice-provision-tenant ${COLOR_YELLOW}AISERVICE_PROVISION_TENANT${TEXT_RESET}                         Whether to provision the AI Service tenant
--aiservice-instance-id ${COLOR_YELLOW}AISERVICE_INSTANCE_ID${TEXT_RESET}                                   The AI Service instance ID
--tenantNamespace ${COLOR_YELLOW}TENANT_NAMESPACE${TEXT_RESET}                                              The tenant's Kubernetes namespace
--tenant-id ${COLOR_YELLOW}TENANT_ID${TEXT_RESET}                                                           The tenant ID for the AI Service instance
--cluster-domain ${COLOR_YELLOW}CLUSTER_DOMAIN${TEXT_RESET}                                                 The domain name of the Kubernetes cluster (e.g., cluster.local)
--in-saas-env ${COLOR_YELLOW}IN_SAAS_ENV${TEXT_RESET}                                                       Whether the environment is SaaS (true/false)
--aiservice_operator_log_level ${COLOR_YELLOW}AISERVICE_OPERATOR_LOG_LEVEL${TEXT_RESET}                     Log level for the AI Service operator (e.g., info, debug)
--mas-icr-cp ${COLOR_YELLOW}MAS_ICR_CP${TEXT_RESET}                                                         IBM Cloud Pak container registry URL
--mas-icr-cpopen ${COLOR_YELLOW}MAS_ICR_CPOPEN${TEXT_RESET}                                                 IBM Cloud Pak Open container registry URL

DRO :
--drocfg-url ${COLOR_YELLOW}DROCFG_URL${TEXT_RESET}                                                         URL of the DRO configuration service

SLS :
--slscfg-url ${COLOR_YELLOW}SLSCFG_URL${TEXT_RESET}                                                          URL of the SLS configuration service
--aiservice-sls-subscription-id  ${COLOR_YELLOW}AISERVICE_SLS_SUBSCRIPTION_ID${TEXT_RESET}              Subscription ID associated with SLS

Watsonx :
--aiservice-watsonxai-url ${COLOR_YELLOW}AISERVICE_WATSONXAI_URL${TEXT_RESET}                          Endpoint URL for Watsonx.ai
--aiservice-watsonx-full ${COLOR_YELLOW}AISERVICE_WATSONX_FULL${TEXT_RESET}                            Full URL for Watsonx.ai including API key
--aiservice-watsonx-instance-id ${COLOR_YELLOW}AISERVICE_WATSONX_INSTANCE_ID${TEXT_RESET}              Watsonx.ai instance ID used by AI Service
--aiservice-watsonx-version ${COLOR_YELLOW}AISERVICE_WATSONX_VERSION${TEXT_RESET}                      Version of Watsonx.ai being used
--aiservice-watsonx-username ${COLOR_YELLOW}AISERVICE_WATSONX_USERNAME${TEXT_RESET}                    Username for Watsonx.ai access

Storage :
--aiservice-storage-provider ${COLOR_YELLOW}AISERVICE_STORAGE_PROVIDER${TEXT_RESET}                    The storage provider used by AI Service (e.g., S3, MinIO)
--aiservice-storage-region ${COLOR_YELLOW}AISERVICE_STORAGE_REGION${TEXT_RESET}                        Storage region used in STORAGE (if applicable)
--aiservice-storage_ssl ${COLOR_YELLOW}AISERVICE_STORAGE_SSL${TEXT_RESET}                              Whether STORAGE uses SSL (true/false)


Automatic GitHub Push (Optional):
  -P, --github-push ${COLOR_YELLOW}GITHUB_PUSH${TEXT_RESET}                                                  Enable automatic push to GitHub
  -H, --github-host ${COLOR_YELLOW}GITHUB_HOST${TEXT_RESET}                                                  GitHub Hostname for your GitOps repository
  -O, --github-org ${COLOR_YELLOW}GITHUB_ORG${TEXT_RESET}                                                    Github org for your GitOps repository
  -R, --github-repo ${COLOR_YELLOW}GITHUB_REPO${TEXT_RESET}                                                  Github repo for your GitOps repository
  -S, --github-ssh ${COLOR_YELLOW}GIT_SSH${TEXT_RESET}                                                       Git ssh key path
  -B, --git-branch ${COLOR_YELLOW}GIT_BRANCH${TEXT_RESET}                                                    Git branch to commit to of your GitOps repository
  -M, --git-commit-msg ${COLOR_YELLOW}GIT_COMMIT_MSG${TEXT_RESET}                                            Git commit message to use when committing to of your GitOps repository

Other Commands:
  -h, --help                                      Show this help message
EOM
  [[ -n "$1" ]] && exit 1 || exit 0
}

function gitops_aiservice_tenant_noninteractive() {
  GITOPS_WORKING_DIR=$PWD/working-dir
  SECRETS_KEY_SEPERATOR="/"
  GIT_COMMIT_MSG="gitops-aiservice-tenant commit"

  # adding default values 
  # all generic values should to put here 
  # check with ansible playbook/gitops envs 
  # only export below in whiel loop
  export REGION_ID=${REGION_ID:-${SM_AWS_REGION}}

  #adding default values # -- aiservice Defaults
  export AISERVICE_NAMESPACE=${AISERVICE_NAMESPACE:-"aiservice-${AISERVICE_INSTANCE_ID}"}
  export AISERVICE_PROVISION_TENANT=${AISERVICE_PROVISION_TENANT:-"provision-tenant"}
  export IN_SAAS_ENV=${IN_SAAS_ENV:-"true"}
  export MAS_ICR_CP=${MAS_ICR_CP:-"docker-na-public.artifactory.swg-devops.com/wiotp-docker-local"}
  export MAS_ICR_CPOPEN=${MAS_ICR_CPOPEN:-"docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen"}
  export AISERVICE_S3_BUCKET_PREFIX=${AISERVICE_S3_BUCKET_PREFIX:-"m"}
  export TENANT_ENTITLEMENT_TYPE=${TENANT_ENTITLEMENT_TYPE:-"standard"}
  export TENANT_ENTITLEMENT_START_DATE=${TENANT_ENTITLEMENT_START_DATE:-"2025-06-11"}
  export TENANT_ENTITLEMENT_END_DATE=${TENANT_ENTITLEMENT_END_DATE:-"2049-11-11"}
  # -- SLS Defaults
  export AISERVICE_SLS_SUBSCRIPTION_ID=${AISERVICE_SLS_SUBSCRIPTION_ID:-"001"}
  # -- STORAGE Defaults
  export AISERVICE_STORAGE_REGION=${AISERVICE_STORAGE_REGION:-""}

  while [[ $# -gt 0 ]]
  do
    key="$1"
    shift
    case $key in
      # GitOps Configuration
      -d|--dir)
        export GITOPS_WORKING_DIR=$1 && shift
        ;;
      -a|--account-id)
        export ACCOUNT_ID=$1 && shift
        ;;
      -c|--cluster-id)
        export CLUSTER_ID=$1 && shift
        ;;
      -i|--instance-id)
        export INSTANCE_ID=$1 && shift 
        ;;
      # AWS Secrets Manager Configuration
      --sm-aws-secret-region)
        export SM_AWS_REGION=$1
        export REGION_ID=$1
        shift
        ;;
      --sm-aws-access-key)
        export SM_AWS_ACCESS_KEY_ID=$1 && shift
        ;;
      --sm-aws-secret-key)
        export SM_AWS_SECRET_ACCESS_KEY=$1 && shift
        ;;
      --secrets-path)
        export SECRETS_PATH=$1 && shift
        ;;

      # -- aiservice
      --aiservice-namespace)
        export AISERVICE_NAMESPACE=$1 && shift
        ;;
      --aiservice-provision-tenant)
        export AISERVICE_PROVISION_TENANT=$1 && shift
        ;;
      --aiservice-instance-id)
        export AISERVICE_INSTANCE_ID=$1 && shift
        ;;
      --tenantNamespace)
        export TENANT_NAMESPACE=$1 && shift
        ;;
      --tenant-id)
        export TENANT_ID=$1 && shift
        ;;
      --cluster-domain)
        export CLUSTER_DOMAIN=$1 && shift
        ;;
      --in-saas-env)
        export IN_SAAS_ENV=$1 && shift
        ;;
      --mas-icr-cp)
        export MAS_ICR_CP=$1 && shift
        ;;
      --mas-icr-cpopen)
        export MAS_ICR_CPOPEN=$1 && shift
        ;;

      # -- DRO
      --drocfg-url)
        export DROCFG_URL=$1 && shift
        ;;

      # -- SLS
      --slscfg-url)
        export SLSCFG_URL=$1 && shift
        ;;

      --aiservice-sls-subscription-id )
        export AISERVICE_SLS_SUBSCRIPTION_ID=$1 && shift
        ;;

      # -- Watsonx
      --aiservice-watsonxai-url)
        export AISERVICE_WATSONXAI_URL=$1 && shift
        ;;
      --aiservice-watsonx-full)
        export AISERVICE_WATSONX_FULL=$1 && shift
        ;;
      --aiservice-watsonx-instance-id)
        export AISERVICE_WATSONX_INSTANCE_ID=$1 && shift
        ;;
      --aiservice-watsonx-version)
        export AISERVICE_WATSONX_VERSION=$1 && shift
        ;;
      --aiservice-watsonx-username)
        export AISERVICE_WATSONX_USERNAME=$1 && shift
        ;;
      --aiservice-operator-log-level)
        export AISERVICE_OPERATOR_LOG_LEVEL=$1 && shift
        ;;
      # -- STORAGE
      --aiservice-storage-region)
        export AISERVICE_STORAGE_REGION=$1 && shift
        ;;
      --aiservice-storage_ssl)
        export AISERVICE_STORAGE_SSL=$1 && shift
        ;;

      
      --rsl-url)
        export RSL_URL=$1 && shift
        ;;

      --aiservice-storage-provider)
        export AISERVICE_STORAGE_PROVIDER=$1 && shift
        ;;
      --aiservice-s3-endpoint-url)
        export AISERVICE_S3_ENDPOINT_URL=$1 && shift
        ;;

      --aiservice-s3-bucket-prefix)
        export AISERVICE_S3_BUCKET_PREFIX=$1 && shift
        ;;

      --tenant-entitlement-type)
        export TENANT_ENTITLEMENT_TYPE=$1 && shift
        ;;

      --tenant-entitlement-start-date)
        export TENANT_ENTITLEMENT_START_DATE=$1 && shift
        ;;

      --tenant-entitlement-end-date)
        export TENANT_ENTITLEMENT_END_DATE=$1 && shift
        ;;
        

      # Automatic GitHub Push
      -P|--github-push)
        export GITHUB_PUSH=true
        ;;
      -H|--github-host)
        export GITHUB_HOST=$1 && shift
        ;;
      -O|--github-org)
        export GITHUB_ORG=$1 && shift
        ;;
      -R|--github-repo)
        export GITHUB_REPO=$1 && shift
        ;;
      -B|--git-branch)
        export GIT_BRANCH=$1 && shift
        ;;
      -M|--git-commit-msg)
        export GIT_COMMIT_MSG=$1 && shift
        ;;

      # Other Commands
      -h|--help)
        gitops_aiservice_tenant_help
        ;;
      *)
        # unknown option
        echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n"
        gitops_aiservice_tenant_help  "Usage Error: Unsupported option \"${key}\" "
        exit 1
        ;;
      esac
  done

  [[ -z "$GITOPS_WORKING_DIR" ]] && gitops_aiservice_tenant_help "GITOPS_WORKING_DIR is not set"
  [[ -z "$ACCOUNT_ID" ]] && gitops_aiservice_tenant_help "ACCOUNT_ID is not set"
  [[ -z "$CLUSTER_ID" ]] && gitops_aiservice_tenant_help "CLUSTER_ID is not set"
  [[ -z "$REGION_ID" && -z "$SM_AWS_REGION" ]] && gitops_aiservice_tenant_help "REGION_ID or SM_AWS_REGION is not set"

  if [[ "$GITHUB_PUSH" == "true" ]]; then
    [[ -z "$GITHUB_HOST" ]] && gitops_aiservice_tenant_help "GITHUB_HOST is not set"
    [[ -z "$GITHUB_ORG" ]] && gitops_aiservice_tenant_help "GITHUB_ORG is not set"
    [[ -z "$GITHUB_REPO" ]] && gitops_aiservice_tenant_help "GITHUB_REPO is not set"
    [[ -z "$GIT_BRANCH" ]] && gitops_aiservice_tenant_help "GIT_BRANCH is not set"
  fi

  # add validation below like above  for those variable which have the value needed for further execution
  [[ -z "$AISERVICE_INSTANCE_ID" ]] && gitops_aiservice_tenant_help "AISERVICE_INSTANCE_ID is not set. Please specify the AI Service instance ID using --aiservice_instance_id."
  [[ -z "$TENANT_NAMESPACE" ]] && gitops_aiservice_tenant_help "TENANT_NAMESPACE is not set. Please specify the tenant namespace using --tenantNamespace."
  [[ -z "$TENANT_ID" ]] && gitops_aiservice_tenant_help "TENANT_ID is not set. Please provide the tenant ID using --tenant-id."
  [[ -z "$CLUSTER_DOMAIN" ]] && gitops_aiservice_tenant_help "CLUSTER_DOMAIN is not set. Please provide the cluster domain using --cluster-domain."
  
  # -- DRO
  [[ -z "$DROCFG_URL" ]] && gitops_aiservice_tenant_help "DROCFG_URL is not set. Please specify the DRO configuration URL using --drocfg-url."
  
  # -- SLS
  [[ -z "$SLSCFG_URL" ]] && gitops_aiservice_tenant_help "SLSCFG_URL is not set. Please specify the SLS configuration URL using --slscfg-url."

  # -- Watsonx
  [[ -z "$AISERVICE_WATSONXAI_URL" ]] && gitops_aiservice_tenant_help "AISERVICE_WATSONXAI_URL is not set. Please specify the Watsonx.ai URL using --aiservice-watsonxai-url."
  [[ -z "$AISERVICE_WATSONX_FULL" ]] && gitops_aiservice_tenant_help "AISERVICE_WATSONX_FULL is not set. Please specify the full Watsonx.ai URL using --aiservice-watsonx-full."
  [[ -z "$RSL_URL" ]] && gitops_aiservice_tenant_help "RSL_URL is not set. Please specify the RSL URL using --rsl-url."
  [[ -z "$AISERVICE_S3_ENDPOINT_URL" ]] && gitops_aiservice_tenant_help "AISERVICE_S3_ENDPOINT_URL is not set. Please specify the S3 endpoint URL using --aiservice-s3-endpoint-url."
  
  [[ -z "$AISERVICE_STORAGE_SSL" ]] && gitops_aiservice_tenant_help "AISERVICE_STORAGE_SSL is not set. Please specify whether SSL is enabled for STORAGE using --aiservice-storage_ssl."
  [[ -z "$AISERVICE_STORAGE_PROVIDER" ]] && gitops_aiservice_tenant_help "AISERVICE_STORAGE_PROVIDER is not set. Please specify the STORAGE provider using --aiservice-storage-provider."
 
 }

function gitops_aiservice_tenant() {
  # Take the first parameter off (it will be create-gitops)
  shift
  if [[ $# -gt 0 ]]; then
    gitops_aiservice_tenant_noninteractive "$@"
  else
    echo "Not supported yet"
    exit 1
    gitops_aiservice_tenant_interactive
  fi

  # catch errors
  set -o pipefail
  trap 'echo "[ERROR] Error occurred at $BASH_SOURCE, line $LINENO, exited with $?"; exit 1' ERR

  mkdir -p ${GITOPS_WORKING_DIR}
  GITOPS_CLUSTER_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${TENANT_ID}


  echo
  reset_colors
  echo_h2 "Review Settings"

  echo "${TEXT_DIM}"
  echo_h2 "Target" "    "
  echo_reset_dim "Account ID ..................... ${COLOR_MAGENTA}${ACCOUNT_ID}"
  echo_reset_dim "Region ID ...................... ${COLOR_MAGENTA}${REGION_ID}"
  echo_reset_dim "Cluster ID ..................... ${COLOR_MAGENTA}${CLUSTER_ID}"
  echo_reset_dim "Cluster Config Directory ....... ${COLOR_MAGENTA}${GITOPS_CLUSTER_DIR}"
  reset_colors

  echo "${TEXT_DIM}"
  echo_h2 "AWS Secrets Manager" "    "
  echo_reset_dim "Region ......................... ${COLOR_MAGENTA}${SM_AWS_REGION}"
  echo_reset_dim "Secret Key ..................... ${COLOR_MAGENTA}${SM_AWS_ACCESS_KEY_ID:0:4}<snip>"
  echo_reset_dim "Access Key ..................... ${COLOR_MAGENTA}${SM_AWS_SECRET_ACCESS_KEY:0:4}<snip>"
  echo_reset_dim "Secrets Path ................... ${COLOR_MAGENTA}${SECRETS_PATH}"
  reset_colors

  echo "${TEXT_DIM}"
  if [[ "$GITHUB_PUSH" == "true" ]]; then
    echo_h2 "GitOps Target" "    "
    echo_reset_dim "Automatic Push ............................. ${COLOR_GREEN}Enabled"
    echo_reset_dim "Working Directory .......................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}"
    echo_reset_dim "Host ....................................... ${COLOR_MAGENTA}${GITHUB_HOST}"
    echo_reset_dim "Organization ............................... ${COLOR_MAGENTA}${GITHUB_ORG}"
    echo_reset_dim "Repository ................................. ${COLOR_MAGENTA}${GITHUB_REPO}"
    echo_reset_dim "Branch ..................................... ${COLOR_MAGENTA}${GIT_BRANCH}"
  else
    echo_h2 "GitOps Target" "    "
    echo_reset_dim "Automatic Push ............................. ${COLOR_RED}Disabled"
    echo_reset_dim "Working Directory .......................... ${COLOR_MAGENTA}${GITOPS_WORKING_DIR}"
  fi
  reset_colors

  # echo all the variables of gitops envs

  # -- aiservice
  echo_reset_dim "Aiservice namespace ........................... ${COLOR_MAGENTA}${AISERVICE_NAMESPACE}"
  echo_reset_dim "AiService provision tenant ................... ${COLOR_MAGENTA}${AISERVICE_PROVISION_TENANT}"
  echo_reset_dim "AiService instance ID ......................... ${COLOR_MAGENTA}${AISERVICE_INSTANCE_ID}"
  echo_reset_dim "tenant namespace ............................. ${COLOR_MAGENTA}${TENANT_NAMESPACE}"
  echo_reset_dim "tenant ID .................................... ${COLOR_MAGENTA}${TENANT_ID}"
  echo_reset_dim "cluster domain ............................... ${COLOR_MAGENTA}${CLUSTER_DOMAIN}"
  echo_reset_dim "in SaaS environment .......................... ${COLOR_MAGENTA}${IN_SAAS_ENV}"

  echo_reset_dim "MAS ICR CP registry .......................... ${COLOR_MAGENTA}${MAS_ICR_CP}"
  echo_reset_dim "MAS ICR CPOPEN registry ...................... ${COLOR_MAGENTA}${MAS_ICR_CPOPEN}"

  # -- SLS
  echo_reset_dim "SLS subscription ID .......................... ${COLOR_MAGENTA}${AISERVICE_SLS_SUBSCRIPTION_ID}"

  # -- Watsonx
  echo_reset_dim "Watsonx.ai URL ............................... ${COLOR_MAGENTA}${AISERVICE_WATSONXAI_URL}"
  echo_reset_dim "Watsonx.ai full URL .......................... ${COLOR_MAGENTA}${AISERVICE_WATSONX_FULL}"
  echo_reset_dim "watsonx.ai instance ID ......................... ${COLOR_MAGENTA}${AISERVICE_WATSONX_INSTANCE_ID}"
  echo_reset_dim "watsonx.ai version ............................. ${COLOR_MAGENTA}${AISERVICE_WATSONX_VERSION}"
  echo_reset_dim "watsonx.ai username ........................... ${COLOR_MAGENTA}${AISERVICE_WATSONX_USERNAME}"
  echo_reset_dim "Aiservice operator log level ................... ${COLOR_MAGENTA}${AISERVICE_OPERATOR_LOG_LEVEL}"
  # -- STORAGE
  echo_reset_dim "SSL enabled .................................. ${COLOR_MAGENTA}${AISERVICE_STORAGE_SSL}"
  echo_reset_dim "Storage provider ............................. ${COLOR_MAGENTA}${AISERVICE_STORAGE_PROVIDER}"
  AVP_TYPE=aws  # Support for IBM will be added later
  sm_login

  SECRETS_PREFIX="${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}"

  # aiservice
  export SECRET_KEY_IBM_ENTITLEMENT=${SECRETS_PREFIX}ibm_entitlement#entitlement_key
  # dro
  export SECRET_KEY_ARTIFACTORY_TOKEN=${SECRETS_PREFIX}ibm_entitlement#image_pull_secret_b64
  export DROCFG_CA_B64ENC=${SECRETS_PREFIX}droai#drocfg_ca_b64enc
  export SECRET_KEY_DROCFG_REGISTRATION_KEY=${SECRETS_PREFIX}droai#drocfg_registration_key

  # sls
  SLS_SECRETS_PREFIX="${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${AISERVICE_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}${TENANT_ID}${SECRETS_KEY_SEPERATOR}"
  export SECRET_KEY_SLSCFG_REGISTRATION_KEY=${SLS_SECRETS_PREFIX}sls#slscfg_registration_key
  export SECRET_KEY_SLSCFG_CA_B64ENC=${SLS_SECRETS_PREFIX}sls#slscfg_ca_b64enc

  export SECRET_KEY_RSL_ORG_ID=${SECRETS_PREFIX}rsl#rsl_org_id
  export SECRET_KEY_RSL_TOKEN=${SECRETS_PREFIX}rsl#rsl_token
  export SECRET_KEY_RSL_CA_CRT=${SECRETS_PREFIX}rsl#rsl_ca_crt
  #watsonx
  export SECRET_KEY_WATSONXAI_APIKEY=${SECRETS_PREFIX}watsonx#watsonxai_apikey
  export AISERVICE_WATSONXAI_PROJECT_ID=${SECRETS_PREFIX}watsonx#watsonxai_project_id
  
  # STORAGE
  export SECRET_KEY_STORAGE_HOST=${SECRETS_PREFIX}storage#sm_storage_host
  export SECRET_KEY_STORAGE_PORT=${SECRETS_PREFIX}storage#sm_storage_port
  export SECRET_KEY_STORAGE_ACCESSKEY=${SECRETS_PREFIX}s3#sm_s3_accesskey
  export SECRET_KEY_STORAGE_SECRETKEY=${SECRETS_PREFIX}s3#sm_s3_secretkey
  export SECRET_KEY_STORAGE_REGION=${SECRETS_PREFIX}s3#sm_s3_region

  # check for those variables present into the aws sm 

  sm_verify_secret_exists ${SECRETS_PREFIX}ibm_entitlement "image_pull_secret_b64,entitlement_key"
  sm_verify_secret_exists ${SECRETS_PREFIX}droai "drocfg_registration_key,drocfg_ca_b64enc"
  sm_verify_secret_exists ${SLS_SECRETS_PREFIX}sls "slscfg_registration_key,slscfg_ca_b64enc"
  sm_verify_secret_exists ${SECRETS_PREFIX}rsl "rsl_org_id,rsl_token"
  sm_verify_secret_exists ${SECRETS_PREFIX}watsonx "watsonxai_apikey,watsonxai_project_id"
  
  # finally push them into the git repo

    if [ -z $GIT_SSH ]; then
      export GIT_SSH=false
    fi

    # Clone github target repo
    # ---------------------------------------------------------------------------
    if [ "$GITHUB_PUSH" == "true" ]; then
      echo
      echo_h2 "Cloning GitHub repo $GITHUB_ORG $GITHUB_REPO"
      clone_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH $GITOPS_WORKING_DIR $GIT_SSH
    fi
    mkdir -p ${GITOPS_CLUSTER_DIR}

    # Generate ArgoApps
    # ---------------------------------------------------------------------------
    echo
    echo_h2 "Generating Argo Project and Applications"
    echo "- Base Config"
    echo "Generating aiservice base file ${GITOPS_CLUSTER_DIR}/ibm-aiservice-tenant-base.yaml"
    jinjanate_commmon $CLI_DIR/templates/gitops/appset-configs/cluster/instance/ibm-aiservice-tenant-base.yaml.j2 ${GITOPS_CLUSTER_DIR}/ibm-aiservice-tenant-base.yaml

    # Generate ArgoApps
    # ---------------------------------------------------------------------------
    echo
    echo_h2 "Generating aiservice operator Applications"
    echo "- aiservice tenant operator"

    echo "Generating aiservice file ${GITOPS_CLUSTER_DIR}/ibm-aiservice-tenant.yaml"
    jinjanate_commmon $CLI_DIR/templates/gitops/appset-configs/cluster/instance/ibm-aiservice-tenant.yaml.j2 ${GITOPS_CLUSTER_DIR}/ibm-aiservice-tenant.yaml

    # Commit and push to github target repo
    # ---------------------------------------------------------------------------
    if [ "$GITHUB_PUSH" == "true" ]; then
      echo
      echo "Github push" "$GITHUB_HOST" "$GITHUB_ORG" "$GITHUB_REPO" "$GIT_BRANCH" "Working: " "${GITOPS_WORKING_DIR}/${GITHUB_REPO}" " Commit :" "$GIT_COMMIT_MSG"
      save_to_target_git_repo $GITHUB_HOST $GITHUB_ORG $GITHUB_REPO $GIT_BRANCH "${GITOPS_WORKING_DIR}/${GITHUB_REPO}" "${GIT_COMMIT_MSG}"
      remove_git_repo_clone $GITOPS_WORKING_DIR/$GITHUB_REPO
    fi

    rm -rf $TEMP_DIR

  exit 0
}
