#Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
#Permission is hereby granted, free of charge, to any person obtaining a copy of
#this software and associated documentation files (the "Software"), to deal in
#the Software without restriction, including without limitation the rights to
#use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
#the Software, and to permit persons to whom the Software is furnished to do so.
#THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
#IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
#FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
#COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
#IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
#CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

if [[ -z "$AWS_SECRET_ACCESS_KEY" ]] || [[ -z "$AWS_ACCESS_KEY_ID" ]]
then
 echo "Please set AWS_SECRET_ACCESS_KEY and AWS_ACCESS_KEY_ID before proceeding"
 exit 2
fi

sudo chmod 755 /tmp/stackName
sudo chmod 755 /tmp/region
sudo chmod 755 /tmp/bucket

region=`sudo cat /tmp/region`
stackName=`sudo cat /tmp/stackName | sed 's/-PrepStack-.*//g'`

cd /tmp

EKS_Cluster_Name=`sudo cat /tmp/clusterName`

/usr/local/bin/aws eks update-kubeconfig --name $EKS_Cluster_Name --region $region
kubectl config set-context --current --namespace=$NameSpace

NIR=`/usr/local/bin/aws cloudformation describe-stacks --stack-name $stackName --region $region | jq -r  .Stacks[].Outputs[] |  grep -w -A1 EKSNodeInstanceRoleArn | tail -1 | awk -F\" '{print $4}'`
sudo sed -i s#NI_ROLE_ARN#$NIR# /tmp/aws-auth-cm.yaml

JHR=`/usr/local/bin/aws cloudformation describe-stacks --stack-name $stackName --region $region | jq -r  .Stacks[].Outputs[] |  grep -w -A1 JumpHostRoleArn | tail -1 | awk -F\" '{print $4}'`
sudo sed -i s#JUMPHOST_ROLE_ARN#$JHR# /tmp/aws-auth-cm.yaml

FPER=`/usr/local/bin/aws cloudformation describe-stacks --stack-name $stackName --region $region | jq -r  .Stacks[].Outputs[] |  grep -w -A1 FargatePodExecutionRoleARN | tail -1 | awk -F\" '{print $4}'`
sudo sed -i s#FG_POD_EXEC_ROLE_ARN#$FPER# /tmp/aws-auth-cm.yaml

kubectl apply -f /tmp/aws-auth-cm.yaml

nodes_ready=`kubectl get nodes 2> /dev/null | grep -w Ready | wc -l`
while [ $nodes_ready -lt 3 ];
do
 echo "`date "+%Y-%m-%d %H:%M:%S"` - $nodes_ready of 3 nodes ready..."
 nodes_ready=`kubectl get nodes 2> /dev/null | grep -w Ready | wc -l`
 sleep 3 
done
echo "`date "+%Y-%m-%d %H:%M:%S"` - 3 of 3 nodes ready..."
echo "done..."
kubectl get nodes

#Setting up aws logging for fargate
kubectl apply -f /tmp/aws-observability-namespace.yaml
sed -e s#REGION#`cat /tmp/region`# /tmp/aws-logging-cloudwatch-configmap.yaml | kubectl apply -f -

#unset AWS credential environment variables
unset AWS_SECRET_ACCESS_KEY
unset AWS_ACCESS_KEY_ID