## A script to automatically convert a certificate profile and upload it to Virtuoso
# 
# Requires the following environment variables to be set:
# --env 'CERTIFICATE_NAME=<name of the certificate>' \
# --env 'CERTIFICATE_PASSWORD=<password of certificate profile>' \
# --env 'CERTIFICATE_FILE=<certificate profile (.p12 / .pfx) filename>' \
# --env 'VIRTUOSO_ORGANIZATION=<virtuoso organization id>' \
# --env 'VIRTUOSO_TOKEN=<user's virtuoso access token>' \
# 
# Optional environment variables: 
# --env 'CERTIFICATE_DESCRIPTION=<description of the certificate>'
# --env 'VIRTUOSO_ENVIRONMENT_API=<environment api name (e.g. api, api-app2)>'
#
# Also requires the directory that contains the certificate profile to be mounted as /data: 
# --mount type=bind,src=<directory containing certificate profile>,target=/data \

FROM ubuntu:latest

# Install packages needed for ssh and git
USER root

RUN apt update -y
RUN apt -y install bash curl jq libnss3-tools

# Setup home directory for script
ENV BASEDIR=/home/uploader
RUN mkdir -p "$BASEDIR"
WORKDIR $BASEDIR

# Setup NSSDB output dir
ENV NSSDB_OUTPUT_DIR=${BASEDIR}/generated-nssdb
RUN mkdir -p "${NSSDB_OUTPUT_DIR}"
RUN chmod +w "${NSSDB_OUTPUT_DIR}"

# Copy script to execute
COPY upload-certificate-profile.sh "${BASEDIR}/upload-certificate-profile.sh"
RUN chmod +x "${BASEDIR}/upload-certificate-profile.sh"

# Setup environment variable names 
ENV CERTIFICATE_FILE=unset
ENV CERTIFICATE_PASSWORD=unset
ENV CERTIFICATE_NAME=unset
ENV CERTIFICATE_DESCRIPTION=unset
ENV VIRTUOSO_TOKEN=unset
ENV VIRTUOSO_ORGANIZATION=unset
ENV VIRTUOSO_ENVIRONMENT_API=api

# Run
CMD "${BASEDIR}/upload-certificate-profile.sh" \
    "-f" "/data/${CERTIFICATE_FILE}" \
    "-n" "${CERTIFICATE_NAME}" \
    "-d" "${CERTIFICATE_DESCRIPTION}" \
    "-w" "${NSSDB_OUTPUT_DIR}" \
    "-t" "${VIRTUOSO_TOKEN}" \
    "-o" "${VIRTUOSO_ORGANIZATION}" \
    "-a" "https://${VIRTUOSO_ENVIRONMENT_API}.virtuoso.qa/api" \
    "-p" "${CERTIFICATE_PASSWORD}"