#!/bin/bash

set -Eeuo pipefail

## Uncomment what needed.
## Prod
#export FOLDER_ID="yc.wall-e.main-folder"
#export MK8S_CLUSTER_ID="catsrpd756apschlkafe"
#export YC_ENDPOINT="api.cloud.yandex.net:443"
#export KEY_FILE_NAME="yc-walle-prod-ingress-controller-sa-key.json"
#
## Preprod
#export FOLDER_ID="yc.wall-e.main-folder"
#export MK8S_CLUSTER_ID="c490rrkpj0bbr1kmjg0s"
#export YC_ENDPOINT="api.cloud-preprod.yandex.net:443"
#export KEY_FILE_NAME="yc-walle-preprod-ingress-controller-sa-key.json"
#
# Testing
export FOLDER_ID="yc.wall-e.main-testing-folder"
export MK8S_CLUSTER_ID="c49pnb4h4on3n1076le2"
export YC_ENDPOINT="api.cloud-preprod.yandex.net:443"
export KEY_FILE_NAME="yc-walle-testing-ingress-controller-sa-key.json"

echo "FOLDER_ID: ${FOLDER_ID}"
echo "MK8S_CLUSTER_ID: ${MK8S_CLUSTER_ID}"
echo "YC_ENDPOINT: ${YC_ENDPOINT}"

# https://cloud.yandex.ru/docs/managed-kubernetes/solutions/alb-ingress-controller#create-namespace
# Create namespace for controller.
kubectl create namespace yc-alb-ingress

# For using api.cloud-preprod.yandex.net in preprod and testing secret store.
wget https://crls.yandex.net/YandexInternalRootCA.crt -O /tmp/YandexInternalRootCA.crt
kubectl create secret generic ya-internal-root-ca \
        --from-file=/tmp/YandexInternalRootCA.crt \
        --namespace yc-alb-ingress

# https://cloud.yandex.ru/docs/managed-kubernetes/solutions/alb-ingress-controller#install-alb
# Install Helm-chart with YC Application Load Balancer Ingress controller.
export VERSION=v0.1.0
export HELM_EXPERIMENTAL_OCI=1

helm pull \
  --version ${VERSION} \
  oci://cr.yandex/yc/yc-alb-ingress-controller-chart

helm install \
  --namespace yc-alb-ingress \
  --set folderId="${FOLDER_ID}" \
  --set clusterId="${MK8S_CLUSTER_ID}" \
  --set endpoint="${YC_ENDPOINT}" \
  --set-file saKeySecretKey=/tmp/"${KEY_FILE_NAME}" \
  yc-alb-ingress-controller ./yc-alb-ingress-controller-chart-${VERSION}.tgz

echo "(for prestable and testing clouds) See https://st.yandex-team.ru/JUGGLER-4612 to place YandexInternalRootCA inside controller's pod manually."
