#!/bin/bash

if [ ${DIB_DEBUG_TRACE:-0} -gt 1 ]; then
    set -x
fi
set -eu
set -o pipefail

[ -n "$ARCH" ]
[ -n "$TARGET_ROOT" ]

if [ 'amd64' = "$ARCH" ] ; then
    ARCH="x86_64"
fi

if ! [ 'x86_64' = "$ARCH" ] ; then
    echo "Only x86_64 images are currently available but ARCH is set to $ARCH."
    exit 1
fi

# Set some image defaults
OPENSUSE_IMAGE_BASEDIR=Leap
OPENSUSE_IMAGE_FILE=openSUSE-Leap-${DIB_RELEASE}
OPENSUSE_IMAGE_EXT=qcow2
# NOTE(toabctl): if something changes here on the buildservice side, please
# first ask in #opensuse-buildservice on Libera Chat before you change the
# format here!
DIB_CLOUD_IMAGES=${DIB_CLOUD_IMAGES:-https://download.opensuse.org/repositories/Cloud:/Images:/${OPENSUSE_IMAGE_BASEDIR}_${DIB_RELEASE}/images/}
BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-${OPENSUSE_IMAGE_FILE}.${ARCH}-NoCloud.${OPENSUSE_IMAGE_EXT}}
SHA256SUMS_FILE=${SHA256SUMS_FILE:-${BASE_IMAGE_FILE}.sha256}

CACHED_FILE=$DIB_IMAGE_CACHE/$BASE_IMAGE_FILE
CACHED_SHA256SUMS_FILE=$DIB_IMAGE_CACHE/SHA256SUMS.$BASE_IMAGE_FILE

# FIXME: either check the checksums into git or verify the signature
# on the checksums. We should not be trusting checksums we download
# over HTTP
if [ -n "$DIB_OFFLINE" -a -f "$CACHED_FILE" ] ; then
    echo "Not checking freshness of cached $CACHED_FILE."
    # Extract the base image (use --numeric-owner to avoid UID/GID mismatch
    # between image tarball and host OS)
    sudo tar -C $TARGET_ROOT --numeric-owner -xf $CACHED_FILE
else
    echo "Fetching Base Image ${BASE_IMAGE_FILE}"
    $TMP_HOOKS_PATH/bin/cache-url $DIB_CLOUD_IMAGES/$SHA256SUMS_FILE $CACHED_SHA256SUMS_FILE
    $TMP_HOOKS_PATH/bin/extract-image $BASE_IMAGE_FILE $BASE_IMAGE_FILE.tgz $DIB_CLOUD_IMAGES/$BASE_IMAGE_FILE $CACHED_FILE
    pushd $DIB_IMAGE_CACHE

    # Calculate sha256sum of downloaded image and check against content from sha256 file
    SHA256SUM=$(sha256sum ${BASE_IMAGE_FILE} | cut -d " " -f1)
    SIZE=$(stat -c%s ${BASE_IMAGE_FILE})
    echo "Base image has sha256sum:${SHA256SUM} size:${SIZE}"
    if grep -q $SHA256SUM SHA256SUMS.$BASE_IMAGE_FILE; then
        echo "Image downloaded successfully"
    else
        echo "*** Checksum mismatch"
        cat SHA256SUMS.$BASE_IMAGE_FILE
        exit 1
    fi
    popd
fi