#!/usr/bin/env bash

function gitops_kafka_help() {
  [[ -n "$1" ]] && echo_warning "$1"
  reset_colors
  cat << EOM
Usage:
  mas gitops-kafka [options]
Where ${COLOR_YELLOW}specified${TEXT_RESET} each option may also be defined by setting the appropriate environment variable.
When no options are specified on the command line, interactive-mode will be enabled by default.

GitOps Configuration:
  -a, --account-id ${COLOR_YELLOW}ACCOUNT_ID${TEXT_RESET}                                                  Account name that the cluster belongs to
  -c, --cluster-id ${COLOR_YELLOW}CLUSTER_ID${TEXT_RESET}                                                  Cluster ID

Secrets Manager:
      --secrets-path ${COLOR_YELLOW}SECRETS_PATH${TEXT_RESET}                                              Secrets Manager path
      --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET}                            Secrets Manager key seperator string

IBM Maximo Application Suite:
      -m, --mas-instance-id ${COLOR_YELLOW}MAS_INSTANCE_ID${TEXT_RESET}                                    IBM Suite Maximo Application Suite Instance ID  

Kafka Provider Selection / Version:
      --kafka-provider ${COLOR_YELLOW}KAFKA_PROVIDER${TEXT_RESET}                                          The kafka provider to install. Only "aws" is supported
      --kafka-version ${COLOR_YELLOW}KAFKA_VERSION${TEXT_RESET}                                            The kafka version to install
AWS Kafka Provider:
      --aws-access-key ${COLOR_YELLOW}AWS_ACCESS_KEY_ID${TEXT_RESET}                                       Access Key
      --aws-secret-key ${COLOR_YELLOW}AWS_SECRET_ACCESS_KEY_ID${TEXT_RESET}                                Secret Key
      --aws-region ${COLOR_YELLOW}AWS_REGION${TEXT_RESET}                                                  Region
      --aws-vpc-id ${COLOR_YELLOW}VPC_ID${TEXT_RESET}                                                      VPC ID

      --aws-msk-ingress-cidr ${COLOR_YELLOW}AWS_MSK_INGRESS_CIDR${TEXT_RESET}                              Ingress CIDR
      --aws-msk-egress-cidr  ${COLOR_YELLOW}AWS_MSK_EGRESS_CIDR${TEXT_RESET}                               Egress CIDR
      --aws-msk-cidr-az1 ${COLOR_YELLOW}AWS_MSK_CIDR_AZ1${TEXT_RESET}                                      Availability Zone 1 CIDR
      --aws-msk-cidr-az2 ${COLOR_YELLOW}AWS_MSK_CIDR_AZ2${TEXT_RESET}                                      Availability Zone 2 CIDR
      --aws-msk-cidr-az3 ${COLOR_YELLOW}AWS_MSK_CIDR_AZ3${TEXT_RESET}                                      Availability Zone 3 CIDR

      --aws-msk-instance-type ${COLOR_YELLOW}AWS_MSK_INSTANCE_TYPE${TEXT_RESET}                            The type of Amazon EC2 instances to use for Apache Kafka brokers
      --aws-msk-volume-size ${COLOR_YELLOW}AWS_MSK_VOLUME_SIZE${TEXT_RESET}                                The size in GiB of the EBS volume for the data drive on each broker node.
      --aws-msk-instance-number ${COLOR_YELLOW}AWS_MSK_INSTANCE_NUMBER${TEXT_RESET}                        The number of broker nodes in the cluster.
      --kafkacfg-file-name ${COLOR_YELLOW}KAFKACFG_FILE_NAME${TEXT_RESET}                                  Kafkacfg file name generated by the kafka ansible role.


Other Commands:
      -h, --help                                                                                           Show this help message
EOM
  [[ -n "$1" ]] && exit 1 || exit 0
}


function gitops_kafka_noninteractive() {
  GITOPS_WORKING_DIR=$PWD/working-dir  
  SECRETS_KEY_SEPERATOR="/"

  while [[ $# -gt 0 ]]
  do
    key="$1"
    shift
    case $key in
      # GitOps Configuration
      -d|--dir)
        export GITOPS_WORKING_DIR=$1 && shift
        ;;
      -a|--account-id)
        export ACCOUNT_ID=$1 && shift
        ;;
      -c|--cluster-id)
        export CLUSTER_ID=$1 && shift
        ;;

      # Secrets Manager
      --secrets-path)
        export SECRETS_PATH=$1 && shift
        ;;
      --secrets-key-seperator)
        export SECRETS_KEY_SEPERATOR=$1 && shift
        ;;

      # MAS
      -m|--mas-instance-id)
        export MAS_INSTANCE_ID=$1 && shift
        ;;

      # Kafka Provider Selection
      --kafka-provider)
        export KAFKA_PROVIDER=$1 && shift
        ;;
      --kafka-version)
        export KAFKA_VERSION=$1 && shift
        ;;

    	# AWS MSK Kafka provider
      --aws-access-key)
        export AWS_ACCESS_KEY_ID=$1 && shift
        ;;
      --aws-secret-key)
        export AWS_SECRET_ACCESS_KEY=$1 && shift
        ;;
      --aws-region)
        export AWS_REGION=$1 && shift
        ;;
      --aws-vpc-id)
        export VPC_ID=$1 && shift
        ;;
      --aws-msk-cidr-az1)
        export AWS_MSK_CIDR_AZ1=$1 && shift
        ;;
      --aws-msk-cidr-az2)
        export AWS_MSK_CIDR_AZ2=$1 && shift
        ;;
      --aws-msk-cidr-az3)
        export AWS_MSK_CIDR_AZ3=$1 && shift
        ;;	
      --aws-msk-ingress-cidr)
        export AWS_MSK_INGRESS_CIDR=$1 && shift
        ;;
      --aws-msk-egress-cidr)
        export AWS_MSK_EGRESS_CIDR=$1 && shift
        ;;
      --kafkacfg-file-name)
        export KAFKACFG_FILE_NAME=$1 && shift
        ;;        

	    # optional parameters
      --aws-msk-instance-type)
        export AWS_MSK_INSTANCE_TYPE=$1 && shift
        ;;
      --aws-msk-volume-size)
        export AWS_MSK_VOLUME_SIZE=$1 && shift
        ;;
      --aws-msk-instance-number)
        export AWS_MSK_INSTANCE_NUMBER=$1 && shift
        ;;

      # Automatic GitHub Push
      -P|--github-push)
        export GITHUB_PUSH=true
        ;;
      -H|--github-host)
        export GITHUB_HOST=$1 && shift
        ;;
      -O|--github-org)
        export GITHUB_ORG=$1 && shift
        ;;
      -R|--github-repo)
        export GITHUB_REPO=$1 && shift
        ;;
      -B|--git-branch)
        export GIT_BRANCH=$1 && shift
        ;;
      -M|--git-commit-msg)
        export GIT_COMMIT_MSG=$1 && shift
        ;;

      # Other Commands
      -h|--help)
        gitops_kafka_help
        ;;
      *)
        # unknown option
        echo -e "${COLOR_RED}Usage Error: Unsupported option \"${key}\"${COLOR_RESET}\n"
        gitops_kafka_help  "Usage Error: Unsupported option \"${key}\" "
        exit 1
        ;;
      esac
  done


  [[ -z "$CLUSTER_ID" ]] && gitops_kafka_help "CLUSTER_ID is not set"
  [[ -z "$KAFKA_PROVIDER" ]] && gitops_kafka_help "KAFKA_PROVIDER is not set"
  [[ -z "$KAFKA_VERSION" ]] && gitops_kafka_help "KAFKA_VERSION is not set"
  [[ -z "$ACCOUNT_ID" ]] && gitops_kafka_help "ACCOUNT_ID is not set"
  #[[ -z "$MAS_INSTANCE_ID" ]] && gitops_kafka_help "MAS_INSTANCE_ID is not set"

  if [ $KAFKA_PROVIDER == 'aws' ]; then
    if [ -z $AWS_ACCESS_KEY_ID ] || [ -z $AWS_SECRET_ACCESS_KEY ] || [ -z $VPC_ID ] || [ -z $AWS_REGION ]; then
      echo 'Missing required params for AWS kafka provider, make sure to provide --aws-access-key, --aws-secret-key, --aws-region and --aws-vpc-id'
      exit 1
    fi
    if [ -z $AWS_MSK_INGRESS_CIDR ] || [ -z $AWS_MSK_EGRESS_CIDR ] || [ -z $AWS_MSK_CIDR_AZ1 ] || [ -z $AWS_MSK_CIDR_AZ2 ] || [ -z $AWS_MSK_CIDR_AZ3 ]; then
      echo 'Missing required params for AWS kafka provider, make sure to provide --aws-msk-ingress-cidr, --aws-msk-egress-cidr, --aws-msk-cidr-az1, --aws-msk-cidr-az2, --aws-msk-cidr-az3'
      exit 1
    fi
  fi



}

function gitops_kafka() {
  # Take the first parameter off (it will be create-gitops)
  shift
  if [[ $# -gt 0 ]]; then
    gitops_kafka_noninteractive "$@"
  else
    echo "Not supported yet"
    exit 1
    gitops_kafka_interactive
  fi

  # catch errors
  set -o pipefail
  trap 'echo "[ERROR] Error occurred at $BASH_SOURCE, line $LINENO, exited with $?"; exit 1' ERR

  mkdir -p ${GITOPS_WORKING_DIR}
  GITOPS_CLUSTER_DIR=${GITOPS_WORKING_DIR}/${GITHUB_REPO}/${CLUSTER_ID}
  TEMP_DIR=$GITOPS_CLUSTER_DIR/tmp-kafka
  mkdir -p ${TEMP_DIR}
  echo
  reset_colors
  echo_h2 "Review Settings"

  echo "${TEXT_DIM}"
  echo_h2 "Target" "    "
  echo_reset_dim "Account ID ............................ ${COLOR_MAGENTA}${ACCOUNT_ID}"
  echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}"
  echo_reset_dim "Application Directory ................. ${COLOR_MAGENTA}${TEMP_DIR}"  
  reset_colors

  echo "${TEXT_DIM}"
  echo_h2 "Secrets Manager" "    "
  echo_reset_dim "Secrets Path .......................... ${COLOR_MAGENTA}${SECRETS_PATH}"
  reset_colors

  echo "${TEXT_DIM}"
  echo_h2 "kafka" "    "
  echo_reset_dim "Kafka Provider  ......................... ${COLOR_MAGENTA}${KAFKA_PROVIDER}"
  if [ $KAFKA_PROVIDER == 'aws' ]; then
    echo_reset_dim "AWS Access Key ID  .................... ${COLOR_MAGENTA}${AWS_ACCESS_KEY_ID}"
    echo_reset_dim "AWS Secret Access Key  ................ ${COLOR_MAGENTA}${AWS_SECRET_ACCESS_KEY:0:8}<snip>"
    echo_reset_dim "AWS Region  ........................... ${COLOR_MAGENTA}${AWS_REGION}"
    echo_reset_dim "AWS VPC ID  ........................... ${COLOR_MAGENTA}${VPC_ID}"
    echo_reset_dim "AWS MSK Ingress CIDR .................. ${COLOR_MAGENTA}${AWS_MSK_INGRESS_CIDR}"
    echo_reset_dim "AWS MSK Egress CIDR ................... ${COLOR_MAGENTA}${AWS_MSK_EGRESS_CIDR}"
    echo_reset_dim "AWS MSK CIDR AZ1 ...................... ${COLOR_MAGENTA}${AWS_MSK_CIDR_AZ1}"
    echo_reset_dim "AWS MSK CIDR AZ2 ...................... ${COLOR_MAGENTA}${AWS_MSK_CIDR_AZ2}"
    echo_reset_dim "AWS MSK CIDR AZ3 ...................... ${COLOR_MAGENTA}${AWS_MSK_CIDR_AZ3}"
    echo_reset_dim "AWS MSK Instance type ................. ${COLOR_MAGENTA}${AWS_MSK_INSTANCE_TYPE}"
    echo_reset_dim "AWS MSK Volume size ................... ${COLOR_MAGENTA}${AWS_MSK_VOLUME_SIZE}"
    echo_reset_dim "AWS MSK Instance number ............... ${COLOR_MAGENTA}${AWS_MSK_INSTANCE_NUMBER}"
  fi

  echo "${TEXT_DIM}"
  echo_h2 "IBM Maximo Application Suite" "    "
  echo_reset_dim "Instance ID ............................. ${COLOR_MAGENTA}${MAS_INSTANCE_ID}"

  reset_colors

  AVP_TYPE=aws  # Support for IBM will be added later
  sm_login

  if [ $KAFKA_PROVIDER == 'aws' ]; then

    #kafka aws provider role specific env variables
    export MAS_CONFIG_DIR=$TEMP_DIR
    export KAFKA_ACTION="install"
    export MAS_INSTANCE_ID=${MAS_INSTANCE_ID:-CLUSTER_ID}
    export KAFKA_NAMESPACE="msk-${CLUSTER_ID}"
    export AWS_MSK_INSTANCE_TYPE=${AWS_MSK_INSTANCE_TYPE:-"kafka.m5.large"}
    export AWS_MSK_VOLUME_SIZE=${AWS_MSK_VOLUME_SIZE:-"100"}
    export AWS_MSK_INSTANCE_NUMBER=${AWS_MSK_INSTANCE_NUMBER:-"3"}
    export KAFKA_CLUSTER_NAME=msk-${CLUSTER_ID}
    export AWS_MSK_SECURITY_GROUP_NAME=msk-${CLUSTER_ID}-sg
    export AWS_MSK_CLUSTER_CONFIGURATION=msk-${CLUSTER_ID}-cluster-config
    export AWS_MSK_KMS_KEY=msk-${CLUSTER_ID}-kms-key
    export AWS_MSK_SECRET=AmazonMSK_${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}kafka

    export AWS_KAFKA_USER_NAME=msk-user-${MAS_INSTANCE_ID}
    export AWS_KAFKA_USER_PASSWORD=`cat /dev/urandom | tr -dc 'a-zA-Z0-9' | head -c 20`
    export KAFKA_SECRET_FILE=$TEMP_DIR/kafka-secret.json
    sm_get_secret_file ${AWS_MSK_SECRET} $KAFKA_SECRET_FILE
    TEMP_AWS_KAFKA_USER_PASSWORD=$(jq -r .password $KAFKA_SECRET_FILE)
    if [[ -n ${TEMP_AWS_KAFKA_USER_PASSWORD} ]]; then
      export AWS_KAFKA_USER_PASSWORD=${TEMP_AWS_KAFKA_USER_PASSWORD}
      echo "gitops_kafka : AWS_KAFKA_USER_PASSWORD=${AWS_KAFKA_USER_PASSWORD:0:8}<snip> is available in the secret, use the same while invoking the role again"
    fi
    
    export KAFKACFG_FILE_NAME=${KAFKACFG_FILE_NAME:-"aws-msk-${KAFKA_CLUSTER_NAME}-kafkacfg.yml"}

    echo_reset_dim "KAFKA_NAMESPACE ....................... ${COLOR_MAGENTA}${KAFKA_NAMESPACE}"
    echo_reset_dim "AWS_KAFKA_USER_NAME ................... ${COLOR_MAGENTA}${AWS_KAFKA_USER_NAME}"
    echo_reset_dim "AWS_KAFKA_USER_PASSWORD ............... ${COLOR_MAGENTA}${AWS_KAFKA_USER_PASSWORD:0:8}<snip>"
    echo_reset_dim "AWS_MSK_INSTANCE_TYPE ................. ${COLOR_MAGENTA}${AWS_MSK_INSTANCE_TYPE}"
    echo_reset_dim "AWS_MSK_VOLUME_SIZE ................... ${COLOR_MAGENTA}${AWS_MSK_VOLUME_SIZE}"
    echo_reset_dim "AWS_MSK_INSTANCE_NUMBER ............... ${COLOR_MAGENTA}${AWS_MSK_INSTANCE_NUMBER}"
    echo_reset_dim "AWS_MSK_SECRET ........................ ${COLOR_MAGENTA}${AWS_MSK_SECRET}"
    echo_reset_dim "MAS_CONFIG_DIR ........................ ${COLOR_MAGENTA}${MAS_CONFIG_DIR}"
    echo_reset_dim "KAFKACFG_FILE_NAME .................... ${COLOR_MAGENTA}${KAFKACFG_FILE_NAME}"

    export AWS_DEFAULT_OUTPUT="json"
    export ROLE_NAME=kafka && ansible-playbook ibm.mas_devops.run_role

    rc=$?
    [ $rc -ne 0 ] && exit $rc
    # Extract the required details from the generated kafkacfg/secret. For msk this is in plain text (stringData)
    export KAFKA_USERNAME=$(yq 'select(di == 0) | .data.username' $TEMP_DIR/${KAFKACFG_FILE_NAME} | base64 -d)
    export KAFKA_PASSWORD=$(yq 'select(di == 0) | .data.password' $TEMP_DIR/${KAFKACFG_FILE_NAME} | base64 -d)
    yq 'select(di == 1) | .spec' $TEMP_DIR/${KAFKACFG_FILE_NAME} >> $TEMP_DIR/kafka-info.yaml
    yq -i 'del(.config.credentials)' $TEMP_DIR/kafka-info.yaml
    yq -i 'del(.displayName)' $TEMP_DIR/kafka-info.yaml
    yq -i 'del(.type)' $TEMP_DIR/kafka-info.yaml

    UNESCAPED_INFO="$(cat $TEMP_DIR/kafka-info.yaml)"
    
    ESCAPED_INFO=${UNESCAPED_INFO//\"/\\\"}
    ESCAPED_INFO=${ESCAPED_INFO//$'\n'/\\n}
    TAGS="[{\"Key\": \"source\", \"Value\": \"gitops_kafka\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]"
    sm_update_secret $AWS_MSK_SECRET "{\"info\": \"$ESCAPED_INFO\", \"username\": \"$KAFKA_USERNAME\", \"password\": \"$KAFKA_PASSWORD\"}" "${TAGS}"

    rm -rf $TEMP_DIR
  fi
  exit 0
}