PROJECT_NAME := Pulumi Docker Build Resource Provider

PACK             := docker-build
PACKDIR          := sdk
PROJECT          := github.com/pulumi/pulumi-docker-build
NODE_MODULE_NAME := @pulumi/docker-build
NUGET_PKG_NAME   := Pulumi.DockerBuild

PROVIDER         := pulumi-resource-${PACK}
PROVIDER_PATH    := provider
VERSION_PATH     := ${PROVIDER_PATH}.Version
SCHEMA_PATH      := ${PROVIDER_PATH}/cmd/pulumi-resource-${PACK}/schema.json

GOPATH			 := $(shell go env GOPATH)

WORKING_DIR      := $(shell pwd)
EXAMPLES_DIR     := ${WORKING_DIR}/examples/yaml
TESTPARALLELISM  := 4

PULUMI           := pulumi
GOGLANGCILINT    := golangci-lint
GOTEST           := go test

# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable
# Local & branch builds will just used this fixed default version unless specified
PROVIDER_VERSION ?= 0.1.0-alpha.0+dev
# Use this normalised version everywhere rather than the raw input to ensure consistency.
VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)")

export PULUMI_IGNORE_AMBIENT_PLUGINS = true
export PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION = true

.PHONY: ensure
ensure:: tidy lint test_provider examples

.PHONY: tidy
tidy:
	go mod tidy

.PHONY: provider
provider: bin/${PROVIDER} bin/pulumi-gen-${PACK} # Required by CI

.PHONY: local_generate
local_generate: sdk # Required by CI

provider_debug::
	(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -gcflags="all=-N -l" -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))

test_provider:: # Required by CI
	${GOTEST} -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...

test_examples: install_nodejs_sdk install_dotnet_sdk
	${GOTEST} -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...

test_all:: test_provider test_examples

.PHONY:
gen_examples:

examples: $(shell mkdir -p examples)
examples: sdk examples/yaml examples/go examples/nodejs examples/python examples/dotnet examples/java examples/hcl

examples/yaml:
	rm -rf ${WORKING_DIR}/examples/yaml/app
	cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/yaml/app

examples/go: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,go)
	@git checkout examples/go/go.mod

examples/nodejs: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,nodejs)
	@git checkout examples/nodejs/package.json

examples/python: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,python)
	@git checkout examples/python/requirements.txt

examples/dotnet: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,dotnet)
	@git checkout examples/dotnet/provider-docker-build.csproj

examples/java: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,java)
	@git checkout examples/java/pom.xml

examples/hcl: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
	$(call example,hcl)

define pulumi_login
    export PULUMI_CONFIG_PASSPHRASE=asdfqwerty1234; \
    pulumi login --local;
endef

define example
	rm -rf ${WORKING_DIR}/examples/$(1)
	pulumi convert \
		--cwd ${WORKING_DIR}/examples/yaml \
		--logtostderr \
		--generate-only \
		--non-interactive \
		--language $(1) \
		--out ${WORKING_DIR}/examples/$(1)
	cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/$(1)/app
	cp ${WORKING_DIR}/examples/yaml/.dockerignore ${WORKING_DIR}/examples/$(1)/.dockerignore
endef

up::
	$(call pulumi_login) \
	cd ${EXAMPLES_DIR} && \
	pulumi stack init dev && \
	pulumi stack select dev && \
	pulumi config set name dev && \
	pulumi up -y

down::
	$(call pulumi_login) \
	cd ${EXAMPLES_DIR} && \
	pulumi stack select dev && \
	pulumi destroy -y && \
	pulumi stack rm dev -y

devcontainer::
	git submodule update --init --recursive .devcontainer
	git submodule update --remote --merge .devcontainer
	cp -f .devcontainer/devcontainer.json .devcontainer.json

.PHONY: build
build:: provider sdk/dotnet sdk/go sdk/nodejs sdk/python sdk/java ${SCHEMA_PATH}

# Required for the codegen action that runs in pulumi/pulumi
only_build:: build

.PHONY: lint
lint:
	${GOGLANGCILINT} run --fix -c .golangci.yml

install:: install_nodejs_sdk install_dotnet_sdk
	cp $(WORKING_DIR)/bin/${PROVIDER} ${GOPATH}/bin


install_dotnet_sdk:: # Required by CI
	rm -rf $(WORKING_DIR)/nuget/$(NUGET_PKG_NAME).*.nupkg
	mkdir -p $(WORKING_DIR)/nuget
	find . -name '*.nupkg' -print -exec cp -p {} ${WORKING_DIR}/nuget \;

install_python_sdk:: # Required by CI

install_go_sdk:: # Required by CI

install_nodejs_sdk:: # Required by CI
	-yarn unlink --cwd $(WORKING_DIR)/sdk/nodejs/bin
	yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin

.PHONY: codegen
codegen: # Required by CI

.PHONY: generate_schema
generate_schema: ${SCHEMA_PATH} # Required by CI

.PHONY: build_go install_go_sdk
generate_go: sdk/go # Required by CI
build_go: # Required by CI

.PHONY: build_java install_java_sdk
generate_java: sdk/java # Required by CI
build_java: # Required by CI

.PHONY: build_python install_python_sdk
generate_python: sdk/python # Required by CI
build_python: # Required by CI

.PHONY: build_nodejs install_nodejs_sdk
generate_nodejs: sdk/nodejs # Required by CI
build_nodejs: # Required by CI

.PHONY: build_dotnet install_dotnet_sdk
generate_dotnet: sdk/dotnet # Required by CI
build_dotnet: # Required by CI

${SCHEMA_PATH}: bin/${PROVIDER}
	pulumi package get-schema ./bin/${PROVIDER} | jq 'del(.version)' > $(SCHEMA_PATH)

bin/${PROVIDER}: $(shell find ./provider -name '*.go') go.mod
	(cd provider && go build -o ../bin/${PROVIDER} -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))

bin/pulumi-gen-${PACK}: # Required by CI
	@mkdir -p bin
	touch bin/pulumi-gen-${PACK}

go.mod: $(shell find . -name '*.go')
go.sum: go.mod

sdk: $(shell mkdir -p sdk)
sdk: sdk/python sdk/nodejs sdk/java sdk/python sdk/go sdk/dotnet

# Folders can't be used for up-to-date checks as they will be marked as up-to-date even if the step fails - leading to a broken state.
.PHONY: sdk/*

sdk/python: TMPDIR := $(shell mktemp -d)
sdk/python: bin/${PROVIDER}
	rm -rf sdk/python
	$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language python -o ${TMPDIR}
	cp README.md ${TMPDIR}/python/
	cd ${TMPDIR}/python/ && \
		rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \
		python3 -m venv venv && \
		./venv/bin/python -m pip install build && \
		cd ./bin && \
		../venv/bin/python -m build .
	mv -f ${TMPDIR}/python ${WORKING_DIR}/sdk/.

sdk/nodejs: TMPDIR := $(shell mktemp -d)
sdk/nodejs: bin/${PROVIDER}
	rm -rf sdk/nodejs
	$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language nodejs -o ${TMPDIR}
	cp README.md LICENSE ${TMPDIR}/nodejs
	cd ${TMPDIR}/nodejs/ && \
		yarn install && \
		yarn run tsc && \
		cp README.md LICENSE package.json yarn.lock bin/
	mv -f ${TMPDIR}/nodejs ${WORKING_DIR}/sdk/.

sdk/go: TMPDIR := $(shell mktemp -d)
sdk/go: PATH := "$(WORKING_DIR)/bin:$(PATH)"
sdk/go: bin/${PROVIDER}
	rm -rf sdk/go
	PATH=$(PATH) $(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language go -o ${TMPDIR}
	cp go.mod ${TMPDIR}/go/dockerbuild/go.mod
	cd ${TMPDIR}/go/dockerbuild && \
		go mod edit -module=github.com/pulumi/pulumi-${PACK}/${PACKDIR}/go/dockerbuild && \
		go mod tidy
	mv -f ${TMPDIR}/go ${WORKING_DIR}/sdk/go

sdk/dotnet: TMPDIR := $(shell mktemp -d)
sdk/dotnet: bin/${PROVIDER}
	rm -rf sdk/dotnet
	$(PULUMI) package gen-sdk ./bin/${PROVIDER} --language dotnet -o ${TMPDIR}
	cd ${TMPDIR}/dotnet/ && \
		echo "$(VERSION_GENERIC)" > version.txt && \
		dotnet build
	mv -f ${TMPDIR}/dotnet ${WORKING_DIR}/sdk/.

sdk/java: PACKAGE_VERSION := $(shell pulumictl convert-version --language generic -v "$(VERSION_GENERIC)")
sdk/java: TMPDIR := $(shell mktemp -d)
sdk/java: bin/${PROVIDER}
	rm -rf sdk/java
	$(PULUMI) package gen-sdk --language java ./bin/${PROVIDER} -o ${TMPDIR}
	cd ${TMPDIR}/java/ && gradle --console=plain build
	mv -f ${TMPDIR}/java ${WORKING_DIR}/sdk/.

docs: $(shell find docs/yaml -type f) $(shell find ./provider/internal/embed -name '*.md') ${SCHEMA_PATH}
	go generate docs/generate.go
	@touch docs

# Set these variables to enable signing of the windows binary with Azure Trusted Signing.
AZURE_SIGNING_CLIENT_ID ?=
AZURE_SIGNING_CLIENT_SECRET ?=
AZURE_SIGNING_TENANT_ID ?=
AZURE_SIGNING_ACCOUNT_ENDPOINT ?=
AZURE_SIGNING_ACCOUNT_NAME ?=
AZURE_SIGNING_CERT_PROFILE_NAME ?=
SKIP_SIGNING ?=

bin/jsign-7.4.jar:
	@mkdir -p bin
	wget https://github.com/ebourg/jsign/releases/download/7.4/jsign-7.4.jar --output-document=bin/jsign-7.4.jar

sign-goreleaser-exe-amd64: GORELEASER_ARCH := amd64_v1
sign-goreleaser-exe-arm64: GORELEASER_ARCH := arm64

# Set the shell to bash to allow for the use of bash syntax.
sign-goreleaser-exe-%: SHELL:=/bin/bash
sign-goreleaser-exe-%: bin/jsign-7.4.jar
	@# Only sign windows binary if fully configured.
	@# Test variables set by joining with | between and looking for || showing at least one variable is empty.
	@# Move the binary to a temporary location and sign it there to avoid the target being up-to-date if signing fails.
	@set -e; \
	if [[ "${SKIP_SIGNING}" != "true" ]]; then \
		if [[ "|${AZURE_SIGNING_CLIENT_ID}|${AZURE_SIGNING_CLIENT_SECRET}|${AZURE_SIGNING_TENANT_ID}|${AZURE_SIGNING_ACCOUNT_ENDPOINT}|${AZURE_SIGNING_ACCOUNT_NAME}|${AZURE_SIGNING_CERT_PROFILE_NAME}|" == *"||"* ]]; then \
			echo "Can't sign windows binaries as required configuration not set: AZURE_SIGNING_CLIENT_ID, AZURE_SIGNING_CLIENT_SECRET, AZURE_SIGNING_TENANT_ID, AZURE_SIGNING_ACCOUNT_ENDPOINT, AZURE_SIGNING_ACCOUNT_NAME, AZURE_SIGNING_CERT_PROFILE_NAME"; \
			echo "To rebuild with signing delete the unsigned windows exe file and rebuild with the fixed configuration"; \
			if [[ "${CI}" == "true" ]]; then exit 1; fi; \
		else \
			file=dist/build-provider-sign-windows_windows_${GORELEASER_ARCH}/pulumi-resource-docker-build.exe; \
			mv $${file} $${file}.unsigned; \
			az login --service-principal \
				--username "${AZURE_SIGNING_CLIENT_ID}" \
				--password "${AZURE_SIGNING_CLIENT_SECRET}" \
				--tenant "${AZURE_SIGNING_TENANT_ID}" \
				--output none; \
			ACCESS_TOKEN=$$(az account get-access-token --resource "https://codesigning.azure.net" | jq -r .accessToken); \
			ENDPOINT_HOST="$${AZURE_SIGNING_ACCOUNT_ENDPOINT#https://}"; \
			ENDPOINT_HOST="$${ENDPOINT_HOST#http://}"; \
			ENDPOINT_HOST="$${ENDPOINT_HOST%/}"; \
			java -jar bin/jsign-7.4.jar \
				--storetype TRUSTEDSIGNING \
				--keystore "$${ENDPOINT_HOST}" \
				--storepass "$${ACCESS_TOKEN}" \
				--alias "${AZURE_SIGNING_ACCOUNT_NAME}/${AZURE_SIGNING_CERT_PROFILE_NAME}" \
				$${file}.unsigned; \
			mv $${file}.unsigned $${file}; \
			az logout; \
		fi; \
	fi

# To make an immediately observable change to .ci-mgmt.yaml:
#
# - Edit .ci-mgmt.yaml
# - Run make ci-mgmt to apply the change locally.
#
ci-mgmt: .ci-mgmt.yaml
	go run github.com/pulumi/ci-mgmt/provider-ci@master generate
.PHONY: ci-mgmt
	fi
