#!/bin/bash
# -----------------------------------------------------------------------------
# Validates that the local environment is ready to commence release process.
# -----------------------------------------------------------------------------

[ ! -d "$ONOS_ROOT" ] && echo "ONOS_ROOT is not defined" >&2 && exit 1

dryRun=0
if [ "${1}" == "--dry-run" ]; then
    dryRun=1
fi

GERRIT_USER=${GERRIT_USER:-$USER}
WIKI_USER=${WIKI_USER:-$USER}

set -e

# Tests availability of the specified tools
function testTool {
    trap "echo 'FAILED'" ERR
    printf "Checking $1 availability... "
    which -s $1
    echo "OK"
}

# Tests availability of gerrit
function testGerritTool {
    trap "echo 'FAILED'" ERR
    printf "Checking gerrit... "
    git review --version 2>/dev/null
    echo "OK"
}

# Tests availability of GPG or GPG2
function testGpgTool {
    trap "echo 'FAILED'" ERR
    printf "Checking gpg or gpg2... "
    which -s gpg || which -s gpg2
    echo "OK"
}

# Tests Java version
function testJavaVersion {
    trap "echo 'FAILED'" ERR
    printf "Checking Java version... "
    v=$(javac -version 2>&1 | grep 1.8.0_ | sed -e 's/.*1.8.0_\([0-9]*\).*/\1/g')
    test "$v" -ge 73
    echo "OK"
}

# Tests availability of the required tools
function testToolchain {
    for tool in bash python git java javac mvn tar; do
        testTool $tool;
    done
    testGerritTool
    testGpgTool
    testJavaVersion
}

# Tests that the specified artifact dependency is not a snapshot version
function testArtifactDependency {
    trap "echo 'FAILED'" ERR
    printf "Checking $1 dependency... "
    grep "<$1.version>.*</$1.version>" $ONOS_ROOT/pom.xml | grep -q SNAPSHOT && false
    echo "OK"
}

# Tests that the ONOS-base is not a snapshot version
function testOnosBase {
    trap "echo 'FAILED'" ERR
    printf "Checking onos-base dependency... "
    grep -A1 "onos-base" $ONOS_ROOT/pom.xml | grep -q SNAPSHOT && false
    echo "OK"
}

# Tests that the root pom does not contain any snapshot dependencies
# on anxillary artifacts, e.g. openflowj, copycat
function testSnapshotDependencies {
    testOnosBase
    for artifact in onos-build-conf onos-maven-plugin openflowj atomix copycat; do
        testArtifactDependency $artifact
    done
}

# Test access to Gerrit (Administrator)
function testGerritAccess {
    trap "echo 'FAILED'" ERR
    printf "Checking Gerrit ONOS Release group access... "
    ssh -p 29418 gerrit.onosproject.org gerrit ls-members "ONOS\ Release"\
         --recursive | grep -q $GERRIT_USER
    echo "OK"
}

# Test access to api.onosproject.org
function testWikiAccess {
    trap "echo 'FAILED'" ERR
    printf "Checking Wiki access... "
    ssh $WIKI_USER@api.onosproject.org "test -w /var/www/api/index.html"
    echo "OK"
}

# Test access to EC2
function testEC2Access {
    aux=$(mktemp)
    trap "cat $aux; rm -f $aux; echo 'FAILED'" ERR
    printf "Checking EC2 access... "
    : "${AWS_ACCESS_KEY_ID:?AWS_ACCESS_KEY_ID must be set}"
    : "${AWS_SECRET_ACCESS_KEY:?AWS_SECRET_ACCESS_KEY must be set}"

    uploadToS3.py -v 1>$aux 2>&1
    rm -f $aux
    echo "OK"
}

# Sonatype account must be created & ~/.m2/settings.xml must be configured
# Test by "releasing" a fake project setup for that purpose to validate access.
function testSonatypeAccessMvn {
    aux=$(mktemp)
    trap "cat $aux; rm -f $aux; echo 'FAILED'" ERR
    printf "Checking Sonatype access via Maven... "
    pushd $ONOS_ROOT/tools/build/release-test >/dev/null
    # TODO: Figure out how to supress the GPG note
    mvn -Prelease clean deploy org.sonatype.plugins:nexus-staging-maven-plugin:drop \
        1>$aux 2>&1 </dev/null
    mvn clean >/dev/null
    rm -f $aux
    popd >/dev/null
    echo "OK"
}

function testSonatypeAccessRest {
    : "${SONATYPE_USER:?SONATYPE_USER must be set}"
    : "${SONATYPE_PASSWORD:?SONATYPE_PASSWORD must be set}"
    export ONOS_VERSION=1.2.3
    printf "Checking Sonatype access via REST... "
    pushd $ONOS_ROOT/tools/build/release-test >/dev/null
    #FIXME this won't work on Linux
    md5 pom.xml > pom.xml.md5
    shasum pom.xml > pom.xml.sha1
    gpg --detach-sign --output pom.xml.asc pom.xml
    # Upload the files to staging
    curl -s -u$SONATYPE_USER:$SONATYPE_PASSWORD --upload-file pom.xml \
    https://oss.sonatype.org/service/local/staging/deploy/maven2/org/onosproject/onos-api/$ONOS_VERSION/onos-api-$ONOS_VERSION.pom
    curl -s -u$SONATYPE_USER:$SONATYPE_PASSWORD --upload-file pom.xml.md5 \
    https://oss.sonatype.org/service/local/staging/deploy/maven2/org/onosproject/onos-api/$ONOS_VERSION/onos-api-$ONOS_VERSION.pom.md5
    curl -s -u$SONATYPE_USER:$SONATYPE_PASSWORD --upload-file pom.xml.sha1 \
    https://oss.sonatype.org/service/local/staging/deploy/maven2/org/onosproject/onos-api/$ONOS_VERSION/onos-api-$ONOS_VERSION.pom.sha1
    curl -s -u$SONATYPE_USER:$SONATYPE_PASSWORD --upload-file pom.xml.asc \
    https://oss.sonatype.org/service/local/staging/deploy/maven2/org/onosproject/onos-api/$ONOS_VERSION/onos-api-$ONOS_VERSION.pom.asc
    rm pom.xml.md5 pom.xml.sha1 pom.xml.asc
    onos-close-staging -d >/dev/null
    popd >/dev/null
    unset ONOS_VERSION
    echo "OK"
}

# .buckconfig.local must exist and the sonatype credentials must be set up
function testBuckconfigLocal() {
    printf "Checking local buck config..."
    if [ ! -f $ONOS_ROOT/.buckconfig.local ]; then
        echo ".buckconfig.local not found"
        return 1
    fi

    trap "echo [publish] must be specified" ERR
    grep -q "^\[publish\]" $ONOS_ROOT/.buckconfig.local

    trap "echo maven_url must be specified" ERR
    grep -q "maven_url" $ONOS_ROOT/.buckconfig.local

    trap "echo maven_user must be specified" ERR
    grep -q "maven_user" $ONOS_ROOT/.buckconfig.local

    trap "echo maven_password must be specified" ERR
    grep -q "maven_password" $ONOS_ROOT/.buckconfig.local

    trap "echo pgp_keyring must be specified" ERR
    grep -q "pgp_keyring" $ONOS_ROOT/.buckconfig.local

    echo "OK"
}

testBuckconfigLocal
testToolchain
testGerritAccess

if [ ${dryRun} -eq 0 ]; then
    testWikiAccess
    testEC2Access
    testSonatypeAccessMvn
    testSonatypeAccessRest
fi

echo "Ready to commence release process!"
