#!/bin/bash

## Copyright (C) 2012 - 2023 ENCRYPTED SUPPORT LP <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## example usage:

#make_cross_build_platform_list="armel armhf i386 amd64 arm64" ./build-steps.d/*_cowbuilder-setup --allow-untagged true --allow-uncommitted true --flavor internal --target root

set -x
set -e

true "INFO: Currently running script: $BASH_SOURCE $@"

MYDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

cd "$MYDIR"
cd ..
cd help-steps

source pre
source colors
source variables

cd "$MYDIR"
cd ..

source_date_epoch_test() {
   if [ "$SOURCE_DATE_EPOCH" = "" ]; then
      error "SOURCE_DATE_EPOCH is still unset!"
   fi
   true "INFO: SOURCE_DATE_EPOCH: $SOURCE_DATE_EPOCH"
}

cowbuilder_setup() {
   if cowbuilder_setup_do ; then
      true "$FUNCNAME: success"
   else
      true "$FUNCNAME: try again"
      cowbuilder_setup_do
   fi
}

cowbuilder_setup_do() {
   true "${bold}${green}INFO${reset}: Setting up cowbuilder..."

   dist_build_sources_list_primary_contents="$(cat "$dist_build_sources_list_primary")"
   export dist_build_sources_list_primary_contents

   if [ "$dist_build_unsafe_io" = "true" ]; then
      eatmydata_maybe_install="eatmydata"
   fi

   if [ "$dist_build_unsafe_io" = "true" ]; then
      if $SUDO_TO_ROOT mount | grep /var/cache/pbuilder | grep tmpfs ; then
         true "INFO: /var/cache/pbuilder already tmpfs."
      else
         $SUDO_TO_ROOT mount -t tmpfs -o size=2G none /var/cache/pbuilder
      fi
   fi

   ## Debugging.
   $SUDO_TO_ROOT cat "$dist_build_pbuilder_config_file"

   ## cowbuilder chroot also required for host_architecture so local dependencies can be built.
   make_cross_build_platform_list_including_host_architecture="$make_cross_build_platform_list $host_architecture"
   ## Remove duplicates in case we have just set this for example to "amd64 amd64".
   make_cross_build_platform_list_including_host_architecture=$(echo "$make_cross_build_platform_list_including_host_architecture" | tr ' ' '\n' | sort | uniq | tr '\n' ' ')

   for dist_build_multiarch_package_item in $make_cross_build_platform_list_including_host_architecture ; do
      true "dist_build_multiarch_package_item: $dist_build_multiarch_package_item"
      export dist_build_multiarch_package_item

      ## Implemented in help-steps/variables.
      ## sets:
      ## cow_folder
      ## base_folder
      set_cowbuilder_folders

      if [ -d "$base_folder" ]; then
         $SUDO_TO_ROOT "$dist_source_help_steps_folder/umount_kill.sh" "$base_folder"
         $SUDO_TO_ROOT rm --recursive --force "$base_folder"
      fi

      local cowbuilder_exit_code
      cowbuilder_exit_code=0

      ## '--mirror "$dist_build_apt_sources_mirror"' should be only cosmetic,
      ## because of pbuilder-debootstrap-command-filter and hooks.
      ##
      ## Duplicate --extrapackages to prevent removal by pbuilder.
      $SUDO_TO_ROOT \
         $COWBUILDER_PREFIX \
            cowbuilder \
               --architecture "$dist_build_multiarch_package_item" \
               --configfile "$dist_build_pbuilder_config_file" \
               --create \
               --basepath "$base_folder" \
               --buildplace "$cow_folder" \
               --distribution "$dist_build_apt_stable_release" \
               --mirror "$dist_build_apt_sources_mirror" \
               --debootstrap "$dist_source_help_steps_folder/pbuilder-debootstrap-command-filter" \
               --hookdir "$dist_source_help_steps_folder/pbuilder-hooks" \
               --extrapackages "sudo devscripts debhelper strip-nondeterminism fakeroot apt-transport-tor eatmydata aptitude cowdancer fasttrack-archive-keyring" \
               || { cowbuilder_exit_code="$?" ; true; };

      if [ -d "$base_folder" ]; then
         $SUDO_TO_ROOT "$dist_source_help_steps_folder/umount_kill.sh" "$base_folder"
      fi

      if [ ! "$cowbuilder_exit_code" = "0" ]; then
         return "$cowbuilder_exit_code"
      fi

      ## help-steps/pbuilder-hooks/G10sources_list_restore.bsh should have restored it already.
      ## `pbuilder` component `/usr/lib/pbuilder/pbuilder-createbuildenv`
      ## unfortunately runs function `installaptlines` after `${DEBOOTSTRAP}`,
      ## which uses a different sources list. This pbuilder hook script restores
      ## derivative-maker build APT sources list.
      true "Sanity test. Security critical. Comparing derivative-maker build sources list with chroot sources list."
      $SUDO_TO_ROOT diff "$dist_build_sources_list_primary" "$base_folder/etc/apt/sources.list"
      $SUDO_TO_ROOT cp "$dist_build_sources_list_primary" "$base_folder/etc/apt/sources.list"

      $SUDO_TO_ROOT mkdir --parents "$base_folder/home/$user_name"
      $SUDO_TO_ROOT cp "$dist_build_pbuilder_config_file" "$base_folder/home/$user_name/pbuilder_config_file"

      cowbuilder_exit_code=0
      $SUDO_TO_ROOT \
         $COWBUILDER_PREFIX \
            cowbuilder \
               --architecture "$dist_build_multiarch_package_item" \
               --configfile "$dist_build_pbuilder_config_file" \
               --execute "$dist_build_pbuilder_chroot_script" \
               --basepath "$base_folder" \
               --buildplace "$cow_folder" \
               --save-after-login \
               || { cowbuilder_exit_code="$?" ; true; };

      if [ -d "$base_folder" ]; then
         $SUDO_TO_ROOT "$dist_source_help_steps_folder/umount_kill.sh" "$base_folder"
      fi

      if [ ! "$cowbuilder_exit_code" = "0" ]; then
         return "$cowbuilder_exit_code"
      fi
   done

   true "${bold}${green}INFO${reset}: cowbuilder setup done."
}

main() {
   source_date_epoch_test "$@"
   cowbuilder_setup "$@"
}

main "$@"
