#!/bin/bash

## Copyright (C) 2019 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

set -x

set -e

true "INFO: (hardcoded) this script is: help-steps/repo_download_chroot_script"
true "INFO:  This script is supposed to be either executed:"
true "INFO: - by cowbuilder which is expected to run as root (sudo), or"
true "INFO: - using root (sudo)."
true "INFO: \$0: '$0' | \$@: '$@'"

if [ "$(id -u)" != "0" ]; then
   echo "ERROR: This must be run as root (sudo)!"
   exit 1
fi

#declare -p | awk '{print $3}' | sort

## Debugging.
cat -- "/home/$user_name/pbuilder_config_file"

source "/home/$user_name/pbuilder_config_file"

true "---------------"
true "INFO: HOMEVAR_VBOX_TEMP: $HOMEVAR_VBOX_TEMP"
true "INFO: BUILDPLACE: $BUILDPLACE"
true "INFO: APTGETOPT_SERIALIZED: $APTGETOPT_SERIALIZED"
true "---------------"

mapfile -t APTGETOPT <<< "$APTGETOPT_SERIALIZED"
printf "%s\n" "APTGETOPT: ${APTGETOPT[@]}"

test -f "${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources"

cat -- "${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources"

## Delete the binary version in case it is there.
rm -f -- "/etc/apt/trusted.gpg.d/newer.asc"

if [ -f "${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/repo_signing_key.asc" ]; then
   cp --verbose -- "${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/repo_signing_key.asc" "/etc/apt/trusted.gpg.d/newer.asc"
   ## Fix for:
   ## The key(s) in the keyring /etc/apt/trusted.gpg.d/newer.asc are ignored as the file is not readable by user '_apt' executing apt-key.
   chmod o+r -- "/etc/apt/trusted.gpg.d/newer.asc"
   ## Debugging.
   gpg --keyid-format long --import --import-options show-only --with-fingerprint "/etc/apt/trusted.gpg.d/newer.asc"
fi

if [ "$temp_newer_packages" = "" ]; then
   echo "ERROR $0: temp_newer_packages is empty!"
   exit 1
fi

if [ "$apt_target_release" = "" ]; then
   echo "ERROR $0: apt_target_release is empty!"
   exit 1
elif [ "$apt_target_release" = "none" ]; then
   target_release_option=""
else
   target_release_option="--target-release=${apt_target_release}"
fi

pushd "$temp_newer_packages"

## Use dpkg multiarch so we can download other architectures than the build host's one using apt-get.
for architecture in $architecture_list ; do
   dpkg --add-architecture "$architecture"
done

apt-get \
   "${APTGETOPT[@]}" \
   $apt_unattended_opts \
   $target_release_option \
   -o Dir::Etc::sourcelist="${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources" \
   -o Dir::Etc::sourceparts="-" \
   -- \
   update

# apt-cache \
#    "${APTGETOPT[@]}" \
#    $apt_unattended_opts \
#    $target_release_option \
#    -o Dir::Etc::sourcelist="${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources" \
#    -o Dir::Etc::sourceparts="-" \
#    -- \
#    show \
#    $newer_package_list \
#    || true

# apt-config \
#    "${APTGETOPT[@]}" \
#    $apt_unattended_opts \
#    $target_release_option \
#    -o Dir::Etc::sourcelist="${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources" \
#    -o Dir::Etc::sourceparts="-"
#    -- \
#    dump

#ls -- /var/lib/apt/lists/

apt-get \
   "${APTGETOPT[@]}" \
   $apt_unattended_opts \
   $target_release_option \
   -o Dir::Etc::sourcelist="${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources" \
   -o Dir::Etc::sourceparts="-" \
   download \
   -- \
   $newer_package_list

if [ "$download_source_package" = "true" ]; then
   apt-get \
      "${APTGETOPT[@]}" \
      $apt_unattended_opts \
      $target_release_option \
      --yes \
      --download-only \
      -o Dir::Etc::sourcelist="${if_no_pbuilder_base_folder}/var/cache/derivative-maker/temporary-repository/newer.sources" \
      -o Dir::Etc::sourceparts="-" \
      -- \
      source \
      $newer_package_list
fi

popd
