#!groovy

node("vsphere-vpn-1") {
  def rootPath = "/root/go/src/github.com/rancher/rancher/tests/scripts/"
  def job_name = "${JOB_NAME}"
  if (job_name.contains('/')) {
    job_names = job_name.split('/')
    job_name = job_names[job_names.size() - 1]
  }
  def testContainer = "${job_name}${env.BUILD_NUMBER}_test"
  def imageName = "qa-custodian-${job_name}${env.BUILD_NUMBER}"
  def testResultsOut = "results.xml"
  def envFile = ".env"
  def rancherConfig = "rancher_env.config"
  def awsYaml = "aws.yaml"
  def azureYaml = "azure.yaml"
  def gcpYaml = "gcp.yaml"
  if ("${env.CUSTODIAN_YAML}" != "null" && "${env.CUSTODIAN_YAML}" != "") {
    yamlToRun = "${env.CUSTODIAN_YAML}"
  }
  def branch = "release/v2.8"
  if ("${env.branch}" != "null" && "${env.branch}" != "") {
    branch = "${env.branch}"
  }
  def repo = scm.userRemoteConfigs
  if ("${env.REPO}" != "null" && "${env.REPO}" != "") {
    repo = [
      [url: "${env.REPO}"]
    ]
  }
  withFolderProperties {
    paramsMap = []
    params.each {
      if (it.value && it.value.trim() != "") {
        paramsMap << "$it.key=$it.value"
      }
    }
    withEnv(paramsMap) {
      withCredentials([string(credentialsId: 'AWS_ACCESS_KEY_ID', variable: 'AWS_ACCESS_KEY_ID'),
        string(credentialsId: 'AWS_SECRET_ACCESS_KEY', variable: 'AWS_SECRET_ACCESS_KEY'),

        string(credentialsId: 'DONOTDELETE_KEYS', variable: 'DONOTDELETE_KEYS'),
        string(credentialsId: 'USER_KEYS', variable: 'USER_KEYS'),

        string(credentialsId: 'AZURE_AKS_SUBSCRIPTION_ID', variable: 'AZURE_AKS_SUBSCRIPTION_ID'),
        string(credentialsId: 'AZURE_TENANT_ID', variable: 'AZURE_TENANT_ID'),
        string(credentialsId: 'AZURE_CLIENT_ID', variable: 'AZURE_CLIENT_ID'),
        string(credentialsId: 'AZURE_CLIENT_SECRET', variable: 'AZURE_CLIENT_SECRET'),

        string(credentialsId: 'RANCHER_GKE_CREDENTIAL', variable: 'RANCHER_GKE_CREDENTIAL'),

        string(credentialsId: 'RANCHER_LINODE_ACCESSKEY', variable: "RANCHER_LINODE_ACCESSKEY")
      ]) {
        stage('Checkout') {
          deleteDir()
          checkout([
            $class: 'GitSCM',
            branches: [
              [name: "*/${branch}"]
            ],
            extensions: scm.extensions + [
              [$class: 'CleanCheckout']
            ],
            userRemoteConfigs: repo
          ])
        }
        dir("./tests/scripts/custodian/") {
          try {
            stage('Build Docker Image') {
              try {
                def decoded = new String(RANCHER_GKE_CREDENTIAL.decodeBase64())
                writeFile file: 'google_credentials.json', text: decoded
                sh "docker build -t ${imageName} -f Dockerfile . --build-arg AWS_ACCESS_KEY_ID=\"${AWS_ACCESS_KEY_ID}\" --build-arg AWS_SECRET_ACCESS_KEY=\"${AWS_SECRET_ACCESS_KEY}\" --build-arg AZURE_AKS_SUBSCRIPTION_ID=\"${AZURE_AKS_SUBSCRIPTION_ID}\" --build-arg AZURE_TENANT_ID=\"${AZURE_TENANT_ID}\" --build-arg AZURE_CLIENT_ID=\"${AZURE_CLIENT_ID}\" --build-arg AZURE_CLIENT_SECRET=\"${AZURE_CLIENT_SECRET}\" --build-arg RANCHER_LINODE_ACCESSKEY=\"${RANCHER_LINODE_ACCESSKEY}\""
              } catch (err) {
                echo 'Docker Build had partial failures...'
                echo "${err}"
              }
            }
            stage('Run Docker Image for Adding Tags') {
              // if a user only wants to run the test using a subset of keys, they can pass in OVERRIDE_REGION
              if ("${env.OVERRIDE_REGION}" != "null" && "${env.OVERRIDE_REGION}" != "") {
                sh "docker run --privileged --name ${testContainer} -e CUSTODIAN_YAML=\"tag-to-save.yaml\" -e OVERRIDE_REGION=\"${env.OVERRIDE_REGION}\" -e DONOTDELETE_KEYS=\"${DONOTDELETE_KEYS}\" -e USER_KEYS=\"${TAG_USER_KEYS}\" ${imageName} "
              } else {
                echo "No OVERRIDE_REGION passed in, running all tests"
              }
            }
            stage('Run Docker Image for AWS,Azure, and GCP') {
              sh "docker run --privileged --name ${testContainer} -e CUSTODIAN_YAML=\"${CUSTODIAN_YAML}\" -e DONOTDELETE_KEYS=\"${DONOTDELETE_KEYS}\" -e USER_KEYS=\"${USER_KEYS}\" ${imageName}"
            }
          } catch (err) {
            echo "error during custodian run"
          }

          sh "docker stop ${testContainer}"
          sh "docker rm -v ${testContainer}"
          sh "docker rmi -f ${imageName}"
        } // dir 
      } // creds
    } // folder properties
  }
} // node