#!/usr/bin/env bash
# author: joe.zheng
# version: 24.04.02

set -e

# @self {
# AUTO-GENERATED, DO NOT EDIT!

SELF="$(basename $0)"
SELF_VERSION="$(sed -n '1,4s/# version: \(.*\)/\1/p' $0)"

# @self }
NAME="${SELF#*-}"
NAME_CTL="${NAME}ctl"

# details in https://istio.io/latest/docs/releases/supported-releases/
VERSION="1.21.0"      # version to install
CUR_VER=              # current version if any
UNINSTALL=n           # reset the deployment and uninstall components
OFFLINE=${OFFLINE:-n} # no external network

BASEURL="https://github.com/istio/istio"

VARIANT="$(uname -s | tr A-Z a-z)-$(uname -m | sed 's/x86_64/amd64/')"
INSTALL_DIR_BIN="/usr/local/bin"

# @dry-run {
# AUTO-GENERATED, DO NOT EDIT!

DRY_RUN="${DRY_RUN:-n}"        # "y" to enable
RUN=''                         # command prefix for dry run
if [[ $DRY_RUN == 'y' ]]; then
  RUN='echo'
fi

# @dry-run }

function usage() {
  cat <<EOF
Usage: $SELF [-m <type>] [-v <ver>] [-U] [-n] [-h]

  Setup Istio the easy way

  -m <type>: install via mirror [$MIRRORS], default: $MIRROR
  -v <ver>:  target version, default: $VERSION
  -U:        uninstall components, default: $UNINSTALL
  -n:        print information only, default: $DRY_RUN
  -h:        print the usage message

Cache:

  To speed up deployment, the required files will be cached at "$CACHE"

Environment variables:

  MIRROR_URL:  mirror to use, default: $MIRROR_URL
  OFFLINE:     force into offline mode [y n], default: $OFFLINE

Examples:

  1. Deploy Istio
     $SELF

  2. Install Istio with specific version
     $SELF -v $VERSION

  3. Uninstall
     $SELF -U


Version: $SELF_VERSION
EOF

}

function main() {
  # adjust default version if already deployed
  CUR_VER="$(current_version)"
  VERSION="${CUR_VER:-$VERSION}"

  while getopts ":m:v:hnU" opt
  do
    case $opt in
      m ) MIRROR=$OPTARG
          if echo $MIRRORS | grep -v -w $MIRROR >/dev/null 2>&1; then
            err "invalid mirror option $MIRROR"
            usage && exit 1
          fi
          ;;
      v ) VERSION=${OPTARG#v};;
      U ) UNINSTALL=y;;
      n ) DRY_RUN=y && RUN='echo';;
      h ) usage && exit;;
      * ) usage && echo "invalid option: -$OPTARG" && exit 1;;
    esac
  done
  shift $((OPTIND-1))

  for v in CACHE DRY_RUN MIRROR MIRROR_URL UNINSTALL VERSION CUR_VER
  do
    eval echo "$v: \${$v}"
  done

  [[ $DRY_RUN == "y" ]] && exit

  validate_sudo
  check_prerequisites
  check_network
  check_mirror
  ensure_workdir

  local package_dir="$CACHE_PACKAGES/common/$NAME-$VERSION"
  local package_file="$NAME-$VERSION-$VARIANT.tar.gz"

  mkdir -p $package_dir

  if [[ $OFFLINE == "y" ]]; then
    msg "WARNING: offline mode, cache must be ready"
  else
    local url="$BASEURL/releases/download/$VERSION/$package_file"
    download_file "$(mirror_url $url)" "$package_dir/$package_file"
  fi

  tar xzf $package_dir/$package_file -C $CACHE_RUN --strip-components=1

  if [[ $UNINSTALL == "y" ]]; then
    msg "uninstall $NAME_CTL"
    $SUDO rm -f $INSTALL_DIR_BIN/$NAME_CTL
  else
    msg "install $NAME_CTL"
    $SUDO install $CACHE_RUN/bin/$NAME_CTL $INSTALL_DIR_BIN/$NAME_CTL

    cat <<EOF

# here are some tips to follow:
# read https://istio.io/latest/docs/setup/getting-started
istioctl help
istioctl help profile
istioctl profile list

source <(istioctl completion bash)

istioctl install -y --set profile=demo
istioctl verify-install

kubectl label namespace default istio-injection=enabled
kubectl apply -f $CACHE_RUN/samples/bookinfo/platform/kube/bookinfo.yaml
kubectl apply -f $CACHE_RUN/samples/bookinfo/networking/bookinfo-gateway.yaml
kubectl get po -w
istioctl analyze
kubectl get svc istio-ingressgateway -n istio-system

kubectl api-resources | grep istio
kubectl get gw -o yaml
kubectl get vs -o yaml

kubectl apply -f $CACHE_RUN/samples/addons
kubectl rollout status deployment/kiali -n istio-system
istioctl dashboard kiali

kubectl delete -f $CACHE_RUN/samples/addons
istioctl uninstall -y --purge
kubectl delete namespace istio-system
kubectl label namespace default istio-injection-
EOF

  fi

  msg "done"
}

function current_version() {
  local version=
  if [[ -n $(which $NAME_CTL) ]]; then
    version="$($NAME_CTL version -s --remote=false)"
  fi
  echo $version
}

function check_prerequisites() {
  msg "check prerequisites"
  if [[ -z $(which curl) ]]; then
    err "curl is not available"
    exit 1
  fi
}

# @base {
# AUTO-GENERATED, DO NOT EDIT!

function msg {
  echo "> $@"
}

function err {
  echo "> $@" >&2
}

function has() {
  [[ -z "${1##*$2*}" ]] && [[ -z "$2" || -n "$1" ]]
}

# @base }

# @sudo {
# AUTO-GENERATED, DO NOT EDIT!

SUDO="sudo"
if [[ $(id -u) == "0" ]]; then
  SUDO=""
fi

function validate_sudo() {
  if [[ -n $SUDO ]]; then
    msg "validate sudo"
    sudo -v
  fi
}

# @sudo }

# @network {
# AUTO-GENERATED, DO NOT EDIT!

OFFLINE="${OFFLINE:-n}"                           # no external network
MIRROR="${MIRROR:-auto}"                          # mirror option to use
MIRRORS="yes no auto"                             # valid mirror options
USE_MIRROR="${USE_MIRROR:-n}"                     # need to use mirror
MIRROR_URL="${MIRROR_URL:-https://iffi.me/proxy}" # mirror or http proxy to use
URL_TO_CHECK="${URL_TO_CHECK:-https://raw.githubusercontent.com}"

# the target URL is reachable but the response may be 4xx or 5xx
function can_access() {
   curl -IL -s -m 5 $1 >/dev/null 2>&1
}

function check_network() {
  msg "check network"
  if [[ $OFFLINE != 'y' ]]; then
    if ! can_access example.com; then
      msg "can't access external network"
      OFFLINE="y"
    fi
  fi
  msg "offline mode: $OFFLINE"
}

function check_mirror() {
  msg "use mirror or not"

  local mirror;
  if [[ $MIRROR == "auto" ]]; then
    mirror="yes" # default as needed
    if [[ $OFFLINE == "y" ]]; then
      msg "offline mode, assume mirror is needed"
    else
      local target="$URL_TO_CHECK"
      msg "check whether we can access $target"
      if can_access $target; then
        msg "curl $target is OK"
        mirror="no"
      else
        msg "curl $target is FAILED"
      fi
    fi
  fi
  if [[ $MIRROR == "yes" || $mirror == "yes" ]]; then
    msg "mirror is needed"
    if can_access $MIRROR_URL; then
      USE_MIRROR="y"
    else
      err "failed to access mirror ($MIRROR_URL)"
    fi
  fi
  msg "use mirror: $USE_MIRROR"
}

function mirror_url() {
  local origin="${1:?argument missing}"

  if [[ $USE_MIRROR == "y" ]]; then
    echo -n "$MIRROR_URL/$origin"
  else
    echo -n "$origin"
  fi
}

# @network }

# @cache {
# AUTO-GENERATED, DO NOT EDIT!

CACHE="${CACHE:-cache}"                                    # the cache directory
CACHE_RUN="${CACHE_RUN:-$CACHE/run/$SELF}"                 # runtime generated files
CACHE_IMAGES="${CACHE_IMAGES:-$CACHE/images}"              # exported container images
CACHE_PACKAGES="${CACHE_PACKAGES:-$CACHE/packages}"        # software packages, e.g. .deb, .tar.gz
CACHE_MANIFESTS="${CACHE_MANIFESTS:-$CACHE/manifests}"     # manifest files in YAML format
CACHE_DOWNLOADING="${CACHE_DOWNLOADING:-$CACHE/.download}" # temporary directory for downloading

function ensure_workdir() {
  msg "ensure workdir"

  for d in $CACHE_RUN $CACHE_IMAGES $CACHE_PACKAGES $CACHE_MANIFESTS $CACHE_DOWNLOADING; do
    if [[ ! -d $d ]]; then
      msg "create dir: $d"
      mkdir -p $d
    fi
  done
}

function download_file() {
  local src="${1:?missing source url}"
  local dst="${2:?missing destination}"

  if [[ -f "$dst" ]]; then
    msg "already exist: $dst"
  else
    msg "download: $src"
    local tmp="$CACHE_DOWNLOADING/$(basename $dst)"
    $RUN curl -fsSL $src > $tmp
    $RUN mkdir -p $(dirname $dst) && mv $tmp $dst
    msg "saved at: $dst"
  fi
}

# @cache }

main "$@"