#!/usr/bin/env bash
set -euo pipefail

declare -A VERSIONS=(
    ["cni-plugins"]=v1.1.0
    ["runc"]=v1.1.2
    ["bats"]=v1.2.1
)

main() {
    set -x
    prepare_system

    install_packages
    install_conmon
    install_bats
    install_critools
    install_runc
    install_cni_plugins
    install_testdeps
    setup_etc_subid
}

prepare_system() {
    sudo systemctl stop docker
    sudo ufw disable

    # enable necessary kernel modules
    sudo ip6tables --list >/dev/null

    # enable necessary sysctls
    sudo sysctl -w net.ipv4.conf.all.route_localnet=1
    sudo sysctl -w net.ipv4.ip_forward=1
    # needed for crictl test
    sudo sysctl -w net.bridge.bridge-nf-call-iptables=1
    sudo iptables -t nat -I POSTROUTING -s 127.0.0.0/8 ! -d 127.0.0.0/8 -j MASQUERADE
}

remove_packages() {
    sudo apt-get remove \
        conmon \
        containernetworking-plugins
}

install_packages() {
    sudo apt update
    sudo apt install -y \
        conntrack \
        libaio-dev \
        libapparmor-dev \
        libbtrfs-dev \
        libcap-dev \
        libdevmapper-dev \
        libfuse-dev \
        libgpgme11-dev \
        libnet1-dev \
        libnl-3-dev \
        libprotobuf-c-dev \
        libprotobuf-dev \
        libseccomp-dev \
        libsystemd-dev \
        libudev-dev \
        socat \
        uuid-dev
}

install_conmon() {
    sudo make install
    conmon --version
}

install_bats() {
    git clone https://github.com/bats-core/bats-core
    pushd bats-core
    git checkout "${VERSIONS["bats"]}"
    sudo ./install.sh /usr/local
    popd
    rm -rf bats-core
    mkdir -p ~/.parallel
    touch ~/.parallel/will-cite
}

install_critools() {
    URL=https://github.com/kubernetes-sigs/cri-tools

    git clone $URL
    pushd cri-tools
    sudo -E PATH="$PATH" make BINDIR=/usr/bin install
    popd
    sudo rm -rf cri-tools
    sudo critest --version
    sudo crictl --version
}

install_cni_plugins() {
    URL=https://github.com/containernetworking/plugins/releases/download
    TARBALL=cni-plugins-linux-amd64-${VERSIONS["cni-plugins"]}.tgz
    CNI_DIR=/opt/cni/bin
    sudo mkdir -p "$CNI_DIR"
    wget -O "$TARBALL" $URL/"${VERSIONS["cni-plugins"]}"/"$TARBALL"
    sudo tar xf "$TARBALL" -C "$CNI_DIR"
    rm "$TARBALL"
    ls -lah "$CNI_DIR"
}

install_runc() {
    URL=https://github.com/opencontainers/runc/releases/download/"${VERSIONS["runc"]}"
    BINARY=/usr/sbin/runc
    sudo wget -O "$BINARY" "$URL"/runc.amd64
    sudo chmod +x "$BINARY"

    # Verify the SHA256
    SUMFILE=runc.sha256sum
    wget "$URL"/$SUMFILE
    grep -qw "$(sha256sum "$BINARY" | awk '{ print $1 }')" $SUMFILE
    rm $SUMFILE

    runc --version
}

install_testdeps() {
    CLONE_PATH=$(go env GOPATH)/src/github.com/cri-o
    mkdir -p "$CLONE_PATH"
    pushd "$CLONE_PATH"

    URL=https://github.com/cri-o/cri-o
    git clone $URL
    pushd cri-o
    make "$(pwd)"/build/bin/ginkgo
    sudo cp build/bin/ginkgo /usr/bin
    ginkgo version

    sudo mkdir -p /etc/containers/registries.d
    sudo cp test/policy.json /etc/containers
    sudo cp test/redhat_sigstore.yaml /etc/containers/registries.d/registry.access.redhat.com.yaml
    sudo cp test/registries.conf /etc/containers/registries.conf
    popd
    popd
}

setup_etc_subid() {
    echo "containers:200000:65536" | sudo tee -a /etc/subuid
    echo "containers:200000:65536" | sudo tee -a /etc/subgid

}

main "$@"
