#!/bin/bash
GREEN='\033[0;32m'
NC='\033[0m' # No Color
LAB_CA="./lab-ca"

# Build and install
# Build script for lab-ca with version injection from git tag
git describe --tags --always --dirty > /dev/null 2>&1
if [ $? -eq 0 ]; then
  VERSION=$(git describe --tags --always --dirty)
else
  VERSION="dev"
fi
go build -ldflags "-X main.Version=$VERSION" -o $LAB_CA
if [ $? -ne 0 ]; then
    echo -e "${GREEN}Build failed!${NC}"
    exit 1
fi
echo -e "${GREEN}Build successful! Version: $VERSION${NC}"

rm -rf certs private *.json crl*.pem

echo -e "\n${GREEN}Initializing CA...${NC}"
$LAB_CA initca || exit 1

echo -e "\n${GREEN}Issuing single certificate with incorrect argument..${NC}"
$LAB_CA issue --name "blackpanther2.koszewscy.waw.pl"
if [ $? -ne 0 ]; then
    echo -e "${GREEN}Failed to issue certificate.${NC} - that's fine it was intended."
else
    echo -e "${GREEN}FATAL: The command should fail, but it didn't!${NC}"
    exit 1
fi

echo -e "\n${GREEN}Issuing single certificate..${NC}"
$LAB_CA issue --name "blackpanther2" --subject "blackpanther2.koszewscy.waw.pl" || exit 1

echo -e "\n${GREEN}Issuing multiple certificates from file...${NC}"
$LAB_CA provision --file examples/example-certificates.hcl --verbose || exit 1

echo -e "\n${GREEN}Revoking a certificate by name...${NC}"
$LAB_CA revoke --name "loki" || exit 1

echo -e "\n${GREEN}Generating CRL...${NC}"
$LAB_CA crl --validity-days 7 --crl-file crl-1.pem || exit 1
openssl crl -noout -text -in crl-1.pem

echo -e "\n${GREEN}Revoking a second certificate by name...${NC}"
$LAB_CA revoke --name "alloy" || exit 1

echo -e "\n${GREEN}Generating a second CRL...${NC}"
$LAB_CA crl --validity-days 7 --crl-file crl-2.pem || exit 1
openssl crl -noout -text -in crl-2.pem

echo -e "\n${GREEN}Dumping CA state...${NC}"
jq '.' example_ca_state.json