#!/bin/bash -eu

: ${TOPDIR:="/usr/src/packages"}

KIWI_DIR=$TOPDIR/KIWI/

test -d $KIWI_DIR && cd $KIWI_DIR

STEM=openSUSE-MicroOS
EXT=.tar.xz
SOURCE=$(echo $STEM*$EXT)

# check if a SOURCE file exists
if ls $STEM*$EXT 1> /dev/null 2>&1; then

    echo "Source $SOURCE"

    BUILD=${SOURCE%%.tar.xz}
    BUILD=${BUILD##*-tbz-}

    mkdir -p swu
    pushd swu > /dev/null

    dd if=/dev/zero of=loopbackfile.img bs=1M count=1024
    losetup -fP loopbackfile.img
    mkfs.ext4 loopbackfile.img
    mkdir loopfs
    mount -o loop /dev/loop0 loopfs
    mkdir tmp
    pushd tmp
    tar xf ../../$SOURCE
    # XXX hack for broken MicroOS-release package
    if [ -d etc/YaST2/licenses/base ]; then
	    mkdir -p usr/share/licenses/product
	    mv etc/YaST2/licenses/base usr/share/licenses/product/
    fi
    mkdir -p usr/share/factory/etc
    mv etc/* usr/share/factory/etc
    mv usr/* ../loopfs
    if [ -e ../loopfs/lib/os-release ]; then
        . ../loopfs/lib/os-release
    else
	. ../loopfs/share/factory/etc/os-release
    fi
    popd > /dev/null
    rm -rf tmp
    umount loopfs
    rmdir loopfs
    losetup -d /dev/loop0
    mv loopbackfile.img openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.img
    zstd --rm openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.img
    SHA256SUM_IMAGE=($(sha256sum openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.img.zst))
    ARCH=$(arch)

    # We need some scripts local
    cp /usr/libexec/tiu/swupdate-* .
    SHA256SUM_POSTINSTALL=($(sha256sum swupdate-postinstall))

    cat <<EOF > sw-description
software =
{
        version = "${VERSION_ID}-${BUILD}";

        hardware-compatibility: [ "${ARCH}" ];

	embedded-script = "
require (\"swupdate\")

function os.capture(cmd)
	local f = assert(io.popen(cmd, 'r'))
	local s = assert(f:read('*a'))
	f:close()
	return s
end

function preinst(image)
	 swupdate.trace('Calling preinstall LUA function...')
	 local out = os.capture('/usr/libexec/tiu/swupdate-preinstall')
	 return true, image
end

function postinst()

	 swupdate.trace('Calling postinstall LUA function...')
	 local out = os.capture('/usr/libexec/tiu/swupdate-postinstall')

	 return true, out
end ";

        images: (
                {
                        filename = "openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.img.zst";
                        name = "openSUSE-MicroOS-TIU";
                        version = "${VERSION_ID}-${BUILD}";
                        device = "/dev/update-image-usr";
                        type = "raw";
                        compressed = "zstd";
                        sha256 = "$SHA256SUM_IMAGE";
			installed-directly = true;
                        install-if-higher = true;
			hook = "preinst";
                }
        );

        scripts: (
                {
                        filename = "swupdate-postinstall";
                        type = "postinstall";
                        sha256 = "$SHA256SUM_POSTINSTALL";
                }
        );
}
EOF

    cat sw-description
    FILES="sw-description sw-description.sig swupdate-postinstall openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.img.zst"

    # XXX no plain passwords here!
    echo -n "linux" > password
    openssl dgst -sha256 -sign /usr/share/swupdate/certs/priv.pem -passin file:password sw-description > sw-description.sig
    rm password

    for i in $FILES; do
        echo $i
    done | cpio -ov -H crc >  openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.swu

    rm -fv $FILES

    ln -sf openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.swu openSUSE-MicroOS-TIU.swu

    mkdir -p /run/swupdate
    swupdate --verbose -c -i openSUSE-MicroOS-TIU-${VERSION_ID}-${BUILD}.swu -k /usr/share/swupdate/certs/public.pem -H arch:${ARCH}

    popd > /dev/null

    # DEBUG
    ls -l
    ls -l swu
else
    echo "No $EXT archive found"
fi
