#!/bin/sh

set -e

echo "Updating apt..."
apt-get -qq update

echo "Installing get tools..."
apt-get -qq -y --no-install-recommends install curl jq ca-certificates git > /dev/null

REPO_NAME="deltachat/deltachat-desktop"
REPO_URL="https://github.com/${REPO_NAME}.git"

if [ -z ${1+x} ]; then
    echo "No release selected, selecting the latest..."
    CHECKOUT="$(curl --silent --fail --show-error "https://api.github.com/repos/${REPO_NAME}/releases/latest" | jq -r .tag_name)"
    echo "Latest release: ${CHECKOUT}"
else
    CHECKOUT="${1}"
    echo "Release selected: ${CHECKOUT}"
fi

echo "Getting the source..."
./getsauce.sh "git" \
              "${REPO_URL}" \
              "${CHECKOUT}"

cd project

echo "Installing build dependencies (apt)..."
apt-get -qq -y --no-install-recommends install npm cargo > /dev/null
echo "Installing build dependencies (npm)..."
npm install
echo "Build dependencies installed."

echo "Building the app..."
NODE_ENV=production npm run build
NO_ASAR=true npm run pack:generate_config
echo "App built successfully."

echo "Packaging..."
npm run pack:linux
echo "App packaged successfully."

cd ..

echo "Package(s) deploy..."
mkdir pkg
cp project/dist/*.deb pkg/

echo "Moving package(s) to the repo..."
mkdir -p repo
mv pkg/*.deb repo/

cd repo

echo "Updating the repo..."
apt-ftparchive packages . > Packages
gzip -k -f Packages
apt-ftparchive release . > Release

cd ..

apt-get -qq -y --no-install-recommends install gpg gpg-agent

echo "Checking if is possible to sign the repo..."
mkdir -p keys
chmod 600 keys
export GNUPGHOME="${PWD}/keys"

if [ ! -f "keys/pubring.kbx" ]; then
    echo "The file 'pubring.kbx' file has not been found. Generating automatically a new one with a new set of keys..."
    KEY_NAME="Joe Tester"
    KEY_PASSPHRASE="over-the-lazy-dog"
    cat >foo_keys <<EOF
         %echo Generating a basic OpenPGP key
         Key-Type: RSA
         Key-Length: 4096
         Subkey-Type: RSA
         Subkey-Length: 4096
         Name-Real: ${KEY_NAME}
         Name-Comment: with stupid passphrase
         Name-Email: joe@foo.bar
         Expire-Date: 0
         Passphrase: ${KEY_PASSPHRASE}
         # Do a commit here, so that we can later print "done" :-)
         %commit
         %echo done
EOF

    gpg --batch --generate-key foo_keys
    echo "${KEY_PASSPHRASE}" > keys/passphrase
fi

if [ -z ${GPG_SUBKEY_ID+x} ]; then
    echo "A GPG key id has not been defined. Automatically selecting a fingerprint..."
    # List key and its subkey with their respective fingerprints | filter fingerprints of both keys | pick fingerprint of the second row
    # (the subkey seems to be listed always after its respective subkey)
    GPG_SUBKEY_ID="$(gpg --list-secret-key --with-subkey-fingerprint --with-colons | awk -F: '$1 == "fpr" {print $10;}' | sed -n '2 p')"
fi

echo "Signing the repo..."
gpg --passphrase-file keys/passphrase --pinentry-mode loopback --default-key $GPG_SUBKEY_ID -abs -o - repo/Release > repo/Release.gpg
gpg --passphrase-file keys/passphrase --pinentry-mode loopback --default-key $GPG_SUBKEY_ID --clearsign -o - repo/Release > repo/InRelease
echo "Done."