#!/bin/bash

# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Script to build a bootable keyfob-based chromeos system image from within
# a coreos setup. This assumes that all needed packages have been built into
# the given target's root with binary packages turned on. This script will
# build the Chrome OS image using only pre-built binary packages.

SCRIPT_ROOT=$(dirname $(readlink -f "$0"))
. "${SCRIPT_ROOT}/common.sh" || exit 1

# Script must run inside the chroot
assert_inside_chroot

assert_not_root_user

DEFAULT_GROUP=developer
DEFAULT_DEVCONTAINER_BINHOST="${SETTING_BINPKG_SERVER_PROD}"

# Developer-visible flags.
DEFINE_string board "${DEFAULT_BOARD}" \
  "The board to build an image for."
DEFINE_boolean getbinpkg "${FLAGS_FALSE}" \
  "Download binary packages from remote repository."
DEFINE_string getbinpkgver "" \
  "Use binary packages from a specific version."
DEFINE_boolean enable_rootfs_verification ${FLAGS_TRUE} \
  "Default all bootloaders to use kernel-based root fs integrity checking."
DEFINE_string base_pkg "coreos-base/coreos" \
  "The base portage package to base the build off of (only applies to prod images)"
DEFINE_string base_dev_pkg "coreos-base/coreos-dev" \
  "The base portage package to base the build off of (only applies to dev containers)"
DEFINE_string base_sysexts "containerd-flatcar|app-containers/containerd,docker-flatcar|app-containers/docker&app-containers/docker-cli&app-containers/docker-buildx" \
  "Comma-separated list of name:package[&package[&package]] - build 'package' (a single package or a list of packages separated by '&') into sysext 'name', and include with OS image and update payload. Must be in order of dependencies, base sysexts come first."
DEFINE_string output_root "${DEFAULT_BUILD_ROOT}/images" \
  "Directory in which to place image result directories (named by version)"
DEFINE_string disk_layout "" \
  "The disk layout type to use for this image."
DEFINE_string group "${DEFAULT_GROUP}" \
  "The update group."
DEFINE_boolean extract_update "${FLAGS_TRUE}" \
  "Extract the /usr partition for generating updates. Only valid for the prod image."
DEFINE_boolean generate_update "${FLAGS_TRUE}" \
  "Generate update payload for testing. The update is signed with a dev key. The kernel is signed with a dev key (unofficial builds) or not at all (official builds). Only valid for the prod image. Implies --extract_update."
DEFINE_string developer_data "" \
  "Insert a custom cloudinit file into the image."
DEFINE_string devcontainer_binhost "${DEFAULT_DEVCONTAINER_BINHOST}" \
  "Override portage binhost configuration used in development container."

# include upload options
. "${BUILD_LIBRARY_DIR}/release_util.sh" || exit 1

FLAGS_HELP="USAGE: build_image [flags] [list of images to build].
This script is used to build a CoreOS image. CoreOS comes in many
different forms.  This scripts can be used to build the following:

prod - Production image for CoreOS. This image is for booting (default if no argument is given).
prodtar - Production container tar ball (implies prod). This can e.g. be used to run the Flatcar production image as a container (run machinectl import-tar or docker import).
container - Developer image with single filesystem, bootable by nspawn.
sysext - Build extra sysexts (podman, python, zfs, etc.).
oem_sysext - Build OEM sysexts for all supported platforms.

Examples:

build_image --board=<board> [prod] [prodtar] [container] [sysext] [oem_sysext] - builds developer and production images/tars.
...
"
show_help_if_requested "$@"

# The following options are advanced options, only available to those willing
# to read the source code. They are not shown in help output, since they are
# not needed for the typical developer workflow.
DEFINE_integer build_attempt 1 \
  "The build attempt for this image build."
DEFINE_boolean replace ${FLAGS_FALSE} \
  "Overwrite existing output, if any."
DEFINE_string version "" \
  "Overrides version number in name to this version."

# Parse command line.
FLAGS "$@" || exit 1

eval set -- "${FLAGS_ARGV:-prod oem_sysext}"

# Only now can we die on error.  shflags functions leak non-zero error codes,
# so will die prematurely if 'switch_to_strict_mode' is specified before now.
switch_to_strict_mode

# If downloading packages is enabled ensure the board is configured properly.
if [[ ${FLAGS_getbinpkg} -eq ${FLAGS_TRUE} ]]; then
  "${SRC_ROOT}/scripts/setup_board" --board="${FLAGS_board}" \
      --getbinpkgver="${FLAGS_getbinpkgver}" --regen_configs_only
fi

# N.B.  Ordering matters for some of the libraries below, because
# some of the files contain initialization used by later files.
. "${BUILD_LIBRARY_DIR}/toolchain_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/board_options.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/build_image_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/prod_image_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/dev_container_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/test_image_content.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/vm_image_util.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/extra_sysexts.sh" || exit 1
. "${BUILD_LIBRARY_DIR}/oem_sysexts.sh" || exit 1

PROD_IMAGE=0
PROD_TAR=0
CONTAINER=0
SYSEXT=0
OEM_SYSEXT=0
for arg in "$@"; do
  case "${arg}" in
    prod) PROD_IMAGE=1 ;;
    prodtar) PROD_IMAGE=1 PROD_TAR=1 ;;
    container) CONTAINER=1 ;;
    sysext) SYSEXT=1 ;;
    oem_sysext) OEM_SYSEXT=1 ;;
    *)    die_notrace "Unknown image type ${arg}" ;;
  esac
done

# Check that the build root is sane.
if [[ ${skip_test_build_root} -ne 1 ]]; then
  info "Checking build root"
  test_image_content "${BOARD_ROOT}"
fi

# Handle existing directory.
if [[ -e "${BUILD_DIR}" ]] && [[ "${PROD_IMAGE}" = 1 ]]; then
  if [[ ${FLAGS_replace} -eq ${FLAGS_TRUE} ]]; then
    sudo rm -rf "${BUILD_DIR}"
  else
    error "Directory ${BUILD_DIR} already exists."
    error "Use --build_attempt option to specify an unused attempt."
    error "Or use --replace if you want to overwrite this directory."
    die "Unwilling to overwrite ${BUILD_DIR}."
  fi
fi

# Create the output directory and temporary mount points.
mkdir -p "${BUILD_DIR}"

# --generate_update implies --extract_update.
if [[ ${FLAGS_generate_update} -eq ${FLAGS_TRUE} ]]; then
  FLAGS_extract_update=${FLAGS_TRUE}
fi

DISK_LAYOUT="${FLAGS_disk_layout:-base}"
CONTAINER_LAYOUT="${FLAGS_disk_layout:-container}"

if [[ -n "${FLAGS_developer_data}" ]]; then
  if [[ ! -f "${FLAGS_developer_data}" ]]; then
    die_notrace "Developer data is not a file: ${FLAGS_developer_data}"
  fi
  info "Using developer cloudinit data: ${FLAGS_developer_data}"
elif [[ -s /etc/shared_user_passwd.txt ]]; then
  FLAGS_developer_data="${BUILD_DIR}/developer_data"
  info "Generating developer cloudinit with shared user password."
  cat >"${FLAGS_developer_data}" <<EOF
#cloud-config

users:
  - name: core
    passwd: $(</etc/shared_user_passwd.txt)
EOF
fi

fix_mtab

if [[ "${CONTAINER}" -eq 1 ]]; then
  IMAGE_BUILD_TYPE="container"
  create_dev_container "${FLATCAR_DEVELOPER_CONTAINER_NAME}" "${CONTAINER_LAYOUT}" "${FLAGS_devcontainer_binhost}" "${FLAGS_group}" ${FLAGS_base_dev_pkg}
fi

if [[ "${PROD_IMAGE}" -eq 1 ]]; then
  IMAGE_BUILD_TYPE="prod"
  create_prod_image ${FLATCAR_PRODUCTION_IMAGE_NAME} ${DISK_LAYOUT} ${FLAGS_group} ${FLAGS_base_pkg} ${FLAGS_base_sysexts}
  if [[ ${FLAGS_extract_update} -eq ${FLAGS_TRUE} ]]; then
    extract_update "${FLATCAR_PRODUCTION_IMAGE_NAME}" "${DISK_LAYOUT}"
  fi
  if [[ ${FLAGS_generate_update} -eq ${FLAGS_TRUE} && ${COREOS_OFFICIAL:-0} -ne 1 ]]; then
    generate_update "${FLATCAR_PRODUCTION_IMAGE_NAME}" "${DISK_LAYOUT}"
  fi
  if [[ "${PROD_TAR}" -eq 1 ]]; then
    create_prod_tar ${FLATCAR_PRODUCTION_IMAGE_NAME}
  fi
fi
if [[ "${SYSEXT}" -eq 1 ]]; then
  create_prod_sysexts "${FLATCAR_PRODUCTION_IMAGE_NAME}"
fi
if [[ "${OEM_SYSEXT}" -eq 1 ]]; then
  create_oem_sysexts "${FLATCAR_PRODUCTION_IMAGE_NAME}"
fi

if [[ ${FLAGS_extract_update} -eq ${FLAGS_TRUE} ]]; then
  zip_update_tools
fi

# Write out a version.txt file, this will be used by image_to_vm.sh
split_ver "${FLATCAR_VERSION_ID}" SPLIT
tee "${BUILD_DIR}/version.txt" <<EOF
FLATCAR_BUILD=${SPLIT[0]}
FLATCAR_BRANCH=${SPLIT[1]}
FLATCAR_PATCH=${SPLIT[2]}
FLATCAR_VERSION=${FLATCAR_VERSION}
FLATCAR_VERSION_ID=${FLATCAR_VERSION_ID}
FLATCAR_BUILD_ID="${FLATCAR_BUILD_ID}"
FLATCAR_SDK_VERSION=${FLATCAR_SDK_VERSION}
EOF

# Create a named symlink.
set_build_symlinks latest "${FLAGS_group}-latest"

echo "Done. Image(s) created in ${BUILD_DIR}"

print_image_to_vm() {
  flags=
  if [ $# = 1 ]; then
    flags="--${1}_image"
  fi

  cat << EOF
To convert it to a virtual machine image, use:
  ./image_to_vm.sh --from=${OUTSIDE_OUTPUT_DIR} --board=${BOARD} ${flags}

The default type is $(get_default_vm_type ${BOARD}), see ./image_to_vm.sh --help for other options.
EOF
}

# Print out the images we generated.
if [[ "${PROD_IMAGE}" -eq 1 ]]; then
  echo "Flatcar Production image created as ${FLATCAR_PRODUCTION_IMAGE_NAME}"
  print_image_to_vm
fi

command_completed
