kustomize := "bazel run //hack/tools:kustomize --"
kubectl := "bazel run //hack/tools:kubectl --"
just := "just --justfile=" + justfile_directory() + "/../../../justfile"

# build the operator, provider and web/identity
build:
    bazel build ...

# push the containers to your local repo
push registry="localhost:21700":
    #!/usr/bin/env bash
    echo "🔨 pushing images and building if necessary"
    bazel run //cmd/tools/pusha -- --repo={{registry}} --insecure-repository=true cmd/edge/edge-issuer/... 

update: gen-code update-manifests
  {{just}} gazelle

update-manifests: gen-crds gen-rbac
  {{just}} fmt-manifests

gen-crds:
  {{just}} run pkg/edge/edge-issuer/api:gen_crds 

gen-rbac:
  # {{just}} run pkg/edge/edge-issuer/internal/controllers:gen_rbac

gen-code:
  {{just}} run pkg/edge/edge-issuer/api:gen_code

cert-manager:
    #!/usr/bin/env bash
    echo "🚀 deploying cert manager"
    {{kubectl}} apply -f {{invocation_directory()}}/third_party/k8s/certmanager/manifests.yaml  
    {{kubectl}} wait --for=condition=Available apiservice v1.cert-manager.io --timeout=300s
    {{kubectl}} wait --for=condition=Available deploy/cert-manager -n cert-manager  --timeout=300s
    {{kubectl}} wait --for=condition=Available deploy/cert-manager-cainjector -n cert-manager  --timeout=300s
    {{kubectl}} wait --for=condition=Available deploy/cert-manager-webhook -n cert-manager  --timeout=300s       

crds:
    #!/usr/bin/env bash
    echo "📦 deploying all required crds"
    {{kubectl}} apply -k {{invocation_directory()}}/config/pallets/edge/edge-issuer/base/crds

deploy:
    #!/usr/bin/env bash
    echo "🚀 deploying the crds, edge issuer components"
    {{kubectl}} apply -k {{invocation_directory()}}/config/pallets/edge/edge-issuer/kind

reset:
    #!/usr/bin/env bash
    echo "cleaning up"
    {{kubectl}} delete -k {{invocation_directory()}}/config/pallets/edge/edge-issuer/kind
    {{kubectl}} delete -k {{invocation_directory()}}/config/pallets/edge/edge-issuer/kind/sample
    {{kubectl}} delete secret -n default certificate-by-edgeissuer --ignore-not-found


kind: reset push crds deploy

certificate:
    #!/usr/bin/env bash
    {{kubectl}} apply -k {{invocation_directory()}}/config/pallets/edge/edge-issuer/kind/sample

verify:
    #!/usr/bin/env bash
    {{kubectl}} wait --for=condition=Ready --timeout=5s edgeissuers.edge-issuer.edge.ncr.com edgeissuer-sample
    {{kubectl}} wait --for=condition=Ready --timeout=5s certificates.cert-manager.io certificate-by-edgeissuer
    {{kubectl}} get secret certificate-by-edgeissuer &> /dev/null && echo "certificate-by-edgeissuer secret exists" || echo "certificate-by-edgeissuer secret just does not exist"
    {{kubectl}} wait --for=condition=Ready --timeout=5s edgeclusterissuers.edge-issuer.edge.ncr.com edgeclusterissuer-sample -n edge-issuer
    {{kubectl}} wait --for=condition=Ready --timeout=5s certificates.cert-manager.io certificate-by-edgeclusterissuer -n edge-issuer
    {{kubectl}} get secret -n edge-issuer certificate-by-edgeclusterissuer &> /dev/null && echo "certificate-by-edgeclusterissuer secret exists" || echo "certificate-by-edgeclusterissuer secret just does not exist"
    {{kubectl}} get secret -n edge-issuer certificate-by-edgeclusterissuer -o=jsonpath='{.data.tls\.crt}' | base64 -d | openssl x509 -noout -text