#! /bin/bash
set -e
QUAYPATH=${QUAYPATH:-"."}
QUAYCONF=${QUAYCONF:-"$QUAYPATH/conf"}

cd ${QUAYDIR:-"/"}

# Add the custom LDAP certificate
if [ -e $QUAYCONF/stack/ldap.crt ]
then
  cp $QUAYCONF/stack/ldap.crt /usr/local/share/ca-certificates/ldap.crt
fi

# Add extra trusted certificates (as a directory)
if [ -d $QUAYCONF/stack/extra_ca_certs ]; then
  if test "$(ls -A "$QUAYCONF/stack/extra_ca_certs")"; then
      echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs directory"
      cp $QUAYCONF/stack/extra_ca_certs/* /usr/local/share/ca-certificates/
      cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/requests/cacert.pem
      cat $QUAYCONF/stack/extra_ca_certs/* >> venv/lib/python2.7/site-packages/certifi/cacert.pem
  fi
fi

# Add extra trusted certificates (as a file)
if [ -f $QUAYCONF/stack/extra_ca_certs ]; then
  echo "Installing extra certificates found in $QUAYCONF/stack/extra_ca_certs file"
  csplit -z -f /usr/local/share/ca-certificates/extra-ca- $QUAYCONF/stack/extra_ca_certs  '/-----BEGIN CERTIFICATE-----/' '{*}'
  cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/requests/cacert.pem
  cat $QUAYCONF/stack/extra_ca_certs >> venv/lib/python2.7/site-packages/certifi/cacert.pem
fi

# Add extra trusted certificates (prefixed)
for f in $(find $QUAYCONF/stack/ -maxdepth 1 -type f -name "extra_ca*")
do
 echo "Installing extra cert $f"
 cp "$f" /usr/local/share/ca-certificates/
 cat "$f" >> venv/lib/python2.7/site-packages/requests/cacert.pem
 cat "$f" >> venv/lib/python2.7/site-packages/certifi/cacert.pem
done

# Update all CA certificates.
update-ca-certificates