#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

############## Setup #########################

function cleanup {
    for f in "${pods[@]}"; do
        log "Deleting $f"
        kubectl delete pod --force=true --grace-period=0 --namespace homepage "$f"
    done
}
pods=()
for sig in EXIT INT QUIT HUP TERM; do
  trap "set +e; cleanup" "$sig"
done

function die {
    local status_code="$1"
    shift
    (>&2 echo "${@}")
    exit "$status_code"
}

function log {
    (>&2 echo "${@}")
}

############## Program #########################

function main {
    local pod_name="tom-$(uuidgen | cut -d '-' -f 1)"
    pods+=("$pod_name")
    create_pod "$pod_name"
    kubectl wait pods -n homepage "$pod_name" --for condition=Ready --timeout=90s
    kubectl exec -i -t --namespace homepage "$pod_name" -- "${@}"
}

function create_pod {
    local pod_name="$1"
    kubectl apply -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
  labels:
    run: $pod_name
  name: $pod_name
  namespace: homepage
spec:
  imagePullSecrets:
    - name: registry-credentials
  containers:
  - args:
    - /bin/sleep
    - infinity
    image: harbor.fizz.buzz/dockerhub/library/alpine:3.18
    imagePullPolicy: IfNotPresent
    name: $pod_name
    stdin: true
    stdinOnce: true
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    tty: true
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-hskj7
      readOnly: true
  # serviceAccount: default
  # serviceAccountName: default
  terminationGracePeriodSeconds: 30
  tolerations:
  - effect: NoExecute
    key: node.kubernetes.io/not-ready
    operator: Exists
    tolerationSeconds: 300
  - effect: NoExecute
    key: node.kubernetes.io/unreachable
    operator: Exists
    tolerationSeconds: 300
  volumes:
  - name: kube-api-access-hskj7
    projected:
      defaultMode: 420
      sources:
      - serviceAccountToken:
          expirationSeconds: 3607
          path: token
      - configMap:
          items:
          - key: ca.crt
            path: ca.crt
          name: kube-root-ca.crt
      - downwardAPI:
          items:
          - fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
            path: namespace
EOF
}

function delete_pod {
    local pod_name="$1"
    kubectl delete pod --force=true --grace-period=0 --namespace homepage "$pod_name"
}

main "$@"