#!/bin/bash

set -e
set -u
set -o pipefail

DIST=${1:?Specify the distrubution name}
PLATFORM=${2:-amd64}

BASENAME=bitnami/minideb
GCR_BASENAME=gcr.io/bitnami-containers/minideb
QUAY_BASENAME=quay.io/bitnami/minideb

if [ -n "${DOCKER_PASSWORD:-}" ]; then
    docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD"
fi

if [ -n "${QUAY_PASSWORD:-}" ]; then
    docker login -u "$QUAY_USERNAME" -p "$QUAY_PASSWORD" quay.io
fi

if [ -n "${GCR_KEY:-}" ]; then
    gcloud auth activate-service-account "$GCR_EMAIL" --key-file <(echo "$GCR_KEY")
fi

ENABLE_DOCKER_CONTENT_TRUST=0
if [ -n "${DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE:-}" ] && [ -n "${DOCKER_CONTENT_TRUST_REPOSITORY_KEY:-}" ]; then
    tmpdir=$(mktemp -d)
    (cd "${tmpdir}" && bash -c 'echo -n "${DOCKER_CONTENT_TRUST_REPOSITORY_KEY}" | base64 -d > key')
    chmod 400 "${tmpdir}/key"
    docker trust key load "${tmpdir}/key"
    rm -rf "${tmpdir}"
    export ENABLE_DOCKER_CONTENT_TRUST=1
fi

push() {
    local dist="$1"
    DOCKER_CONTENT_TRUST=${ENABLE_DOCKER_CONTENT_TRUST} docker push "${BASENAME}:${dist}"
    docker push "${QUAY_BASENAME}:${dist}"
    gcloud docker -- push "${GCR_BASENAME}:${dist}"
}

docker tag "${BASENAME}:${DIST}" "${QUAY_BASENAME}:${DIST}-${PLATFORM}"
docker tag "${BASENAME}:${DIST}" "${GCR_BASENAME}:${DIST}-${PLATFORM}"
push "$DIST-${PLATFORM}"

