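#!/usr/bin/env bash
#
# Create a base CentOS Docker image.
#
# This script is useful on systems with yum installed (e.g., building
# a CentOS image on CentOS).  See contrib/mkimage-rinse.sh for a way
# to build CentOS images on other systems.
#
# Arguments:
#   $1 - yum configuration file (passed to `yum -c`)
#   $2 - target directory used as the yum --installroot
#   $3 - project directory providing package/, tools/ and rootconf/
#   $4 - profile id; only "x86_64_COTS" is accepted
#
# Every path below is built from $target.  If it were empty, the rm/mv/ln/cp
# calls would act on the build host's own root filesystem, so the arguments
# are validated before anything is touched.

set -eu

die() {
  printf '%s\n' "$*" >&2
  exit 1
}

yum_config=${1:?usage: ${0##*/} YUM_CONFIG TARGET PROJECTDIR PROFILE_ID}
target=${2:?usage: ${0##*/} YUM_CONFIG TARGET PROJECTDIR PROFILE_ID}
projectdir=${3:?usage: ${0##*/} YUM_CONFIG TARGET PROJECTDIR PROFILE_ID}
profile_id=${4:-}

# Refuse to treat the host root as the image root.
if [[ -d "$target" && "$(cd -- "$target" && pwd -P)" == "/" ]]; then
  die "Refusing to use / as the install root"
fi

readonly setopt="group_package_types=mandatory,default,optional"

# Select the kernel build and package set for the requested profile.
case "$profile_id" in
  "x86_64_COTS")
    kernel_version="5.17.15-1.el8.x86_64"
    # Local RPM files.  NOTE(review): on dnf-based yum, localpkg_gpgcheck is
    # off by default, so these files are only signature-checked if
    # $yum_config enables it - confirm.
    append_package_to_install=(
      "$projectdir/package/kernel-ml-core-$kernel_version.rpm"
      "$projectdir/package/kernel-ml-modules-$kernel_version.rpm"
      "$projectdir/package/kernel-ml-$kernel_version.rpm"
      "$projectdir/package/kernel-ml-devel-$kernel_version.rpm"
    )
    base_package_to_install=(
      @base @core @debugging @anaconda-tools @additional-devel @guest-agents
      @system-tools @hardware-monitoring @network-file-system-client
      @performance @remote-system-management
      adcli certmonger ipa-client clevis-dracut clevis-udisks2 krb5-pkinit
      krb5-workstation sssd-polkit-rules krb5-pkinit luksmeta nscd
      nss-pam-ldapd grub2 epel-release efibootmgr yum-utils ipmitool OpenIPMI
      docker-ce docker-ce-cli containerd.io lrzsz python3 watchdog pcm git
      tmux fish kernel kernel-devel kernel-tools-libs kernel-modules
      kernel-tools kernel-core rpm-build libtool kernel-rpm-macros
      python36-devel tcsh kernel-modules-extra gcc-gfortran libdb-devel
      fuse-devel python3-Cython cmake perl-generators libstdc++-devel
      libmnl-devel bison flex gcc-c++ python3-docutils libnsl liburing
      hwloc-gui perl-open perl python2 js-d3-flame-graph xmlstarlet
      conntrack-tools crudini
    )
    ;;
  *)
    die "Set kernel_version failed, error profile_id: $profile_id"
    ;;
esac

#######################################
# Append pam_tty_audit to one PAM stack inside the image.
# The stack file is moved to <stack>-local, the audit line is appended, and
# <stack> becomes a relative symlink to it.  Skipped when <stack>-local
# already exists, so a re-run does not append the line twice.
# Globals:   target (read)
# Arguments: $1 - PAM stack file name under etc/pam.d
#######################################
enable_tty_audit() {
  local stack=$1
  local pam_dir="$target/etc/pam.d"

  if [ ! -f "$pam_dir/${stack}-local" ]; then
    # NOTE(review): if $stack is itself a symlink, mv renames the link and the
    # append below writes through it; an absolute link would resolve on the
    # build host rather than inside $target - confirm it is a regular file.
    mv "$pam_dir/$stack" "$pam_dir/${stack}-local"
    # enable=* turns on TTY input auditing for every user.  Without the
    # log_passwd option pam_tty_audit does not record no-echo (password)
    # input; the audit log still holds keystrokes, so keep it root-only.
    echo "session required pam_tty_audit.so enable=*" >> "$pam_dir/${stack}-local"
    ln -vfs --relative "$pam_dir/${stack}-local" "$pam_dir/$stack"
  fi
}

set -x

# Repository trust (gpgcheck, repo URLs) is governed entirely by $yum_config.
yum -c "$yum_config" --installroot="$target" -y makecache
yum -c "$yum_config" --installroot="$target" -y --setopt="$setopt" install \
  "${base_package_to_install[@]}" --disablerepo='ofed'
yum -c "$yum_config" --installroot="$target" -y --setopt="$setopt" install \
  "${append_package_to_install[@]}"

#git clone --depth 1 https://github.com/brendangregg/FlameGraph.git /opt/tools/FlameGraph/
#git clone --depth 1 https://github.com/brendangregg/perf-tools.git /opt/tools/perf-tools/
# The tool archives are unpacked from $projectdir into the image root.
mkdir -p "$target/opt/tsg/tools/"
tar -zxf "$projectdir/tools/FlameGraph.tar.gz" -C "$target/opt/tsg/tools/"
tar -zxf "$projectdir/tools/perf-tools.tar.gz" -C "$target/opt/tsg/tools/"
cp "$projectdir/tools/run_flamegrah.sh" "$target/opt/tsg/tools/"

# NOTE(review): the here-document that populated "$target"/etc/sysconfig/network
# is missing from this listing (only its `cat > ... <` prefix survived, fused
# into the next command).  Restore its body from version control; it is
# deliberately not reconstructed here.

# Shell prompt hook: shows "(OOBC) " in PS1 when the marker file exists.
# The delimiter is unquoted, so the backslashes below are what keep the
# expansions literal in the generated file.
cat > "$target/etc/profile.d/prompt_command.sh" << EOF
oobc_enable_file_path="/var/lib/.tsg-os-oobc-enable"
read_oobc_value() {
    if [ -e "\$oobc_enable_file_path" ]; then
        echo "(OOBC) "
    fi
}
PROMPT_COMMAND='printf "\033]0;%s@%s:%s\007" "\${USER}" "\${HOSTNAME%%.*}" "\${PWD/#\$HOME/\~}"; PS1="[\\\u@\\\h \$(read_oobc_value)\\\W]\\\\$ "'
EOF
chmod 0755 "$target/etc/profile.d/prompt_command.sh"

# effectively: febootstrap-minimize --keep-zoneinfo --keep-rpmdb
# --keep-services "$target".  Stolen from mkimage-rinse.sh
#  locales
# rm -rf "$target"/usr/{{lib,share}/locale,{lib,lib64}/gconv,bin/localedef,sbin/build-locale-archive}
#  docs
# rm -rf "$target"/usr/share/{man,doc,info,gnome/help}
#  cracklib
# rm -rf "$target"/usr/share/cracklib
#  i18n
# rm -rf "$target"/usr/share/i18n
#  sln
# rm -rf "$target"/sbin/sln
#  ldconfig
rm -rf "${target:?}/etc/ld.so.cache"
rm -rf "${target:?}"/var/cache/ldconfig/*

# Stable boot names pointing at the selected kernel.  The link targets are
# relative, so they stay valid once $target becomes the root filesystem.
ln -sf "vmlinuz-$kernel_version" "$target/boot/vmlinuz"
ln -sf "initramfs-$kernel_version.img" "$target/boot/initrd.img"

# Copy the basic device nodes from the build host into the image.
for dev_node in null zero urandom random; do
  cp -a "/dev/$dev_node" "$target/dev/"
done

# install ONIE helpers
chmod 0755 "$projectdir"/rootconf/sysroot-bin/*
chmod 0755 "$projectdir"/rootconf/sysroot-lib/*
cp -rf "$projectdir"/rootconf/sysroot-bin/* "$target/bin/"
cp -rf "$projectdir"/rootconf/sysroot-lib/* "$target/lib/"
cp -rf "$projectdir"/rootconf/sysroot-usr/service/* "$target/usr/lib/systemd/system"
cp -rf "$projectdir"/rootconf/sysroot-usr/sysctl/* "$target/usr/lib/sysctl.d/"

ln -vfs --relative "$target/usr/lib/systemd/system/ldconfig.service" \
  "$target/usr/lib/systemd/system/sysinit.target.wants/ldconfig.service"

#tty audit using pam
enable_tty_audit system-auth
enable_tty_audit password-auth

# ansible-playbook -i tsg-9140-scripts/install_config/tsg_9140_host tsg-9140-scripts/tsg_9140_deploy.yml

yum -c "$yum_config" --installroot="$target" -y --setopt="$setopt" clean all
# ${target:?} aborts instead of expanding to /tmp/* or /core.* on the host.
rm -rf "${target:?}"/tmp/*
rm -rf "${target:?}"/core.*
#rm -rf $target/etc/machine-id
#cat /dev/null > $target/etc/machine-id
# tar --numeric-owner -c -C centos_mkroot/ . | pbzip2 -p9 > input/centos-7-chroot.tar.bz2

#rm -rf "$target"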