#!/bin/sh

set -e

if ! [ -r /etc/oci-poc/openstack-ci.conf ] ; then
	echo "Cannot read /etc/oci-poc/openstack-ci.conf: exiting."
	exit 1
fi
. /etc/oci-poc/openstack-ci.conf

OCI_PROJECT=oci-ci
OCI_USERNAME=oci-ci
OCI_PASSWORD=$(openssl rand -hex 32)

if [ "${OS_PROJECT_NAME}" != "admin" ] || [ "${OS_USERNAME}" != "admin" ] ; then
	echo "OS_PROJECT_NAME or OS_USERNAME is not admin: please source admin creds."
	exit 1
fi

echo "===> Creating project ${OCI_PROJECT}"
if [ ""$(openstack project show ${OCI_PROJECT} --format value -c name || true) != "${OCI_PROJECT}" ] ; then
	openstack project create ${OCI_PROJECT}
	echo "-> created."
else
	echo "-> Already exists."
fi

echo "===> Creating user ${OCI_USERNAME}"
if [ ""$(openstack user show ${OCI_USERNAME} --format value -c name || true) != "${OCI_USERNAME}" ] ; then
	openstack user create --password ${OCI_PASSWORD} --email postmaster@example.com ${OCI_USERNAME}
	echo "-> Created."
else
	echo "-> Already exists."
fi

echo "===> Checking assigned roles"
for ROLE in member creator load-balancer_member SwiftOperator ; do
	echo "---> Checking $ROLE"
	MYROLE=$(openstack role assignment list --user ${OCI_USERNAME} --project ${OCI_PROJECT} --names --format csv | q -d, -H "SELECT Role FROM - WHERE User='oci-ci@Default' AND Project='oci-ci@Default' AND Role='${ROLE}'")
	if [ "${MYROLE}" != "${ROLE}" ] ; then
		openstack role add --user ${OCI_USERNAME} --project ${OCI_PROJECT} ${ROLE}
		echo "-> Role added."
	else
		echo "-> Already exists."
	fi
done

echo "===> Setting-up quota for ${OCI_PROJECT}"
openstack quota set --cores 160 --gigabytes 1000 --ram 256000 --secgroups 100 --secgroup-rules 500 --volumes 50 --key-pairs 100 --instances 100
