#!/bin/bash

export USER=$1
echo "setting up certsigner"
kubectl apply -f ./certsigner
sleep 5
echo "generating certs"
mkdir $HOME/.kube/users/$USER
docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl genrsa -out /$USER/$USER.key 2048
docker run -it -v $HOME/.kube/users/$USER:/$USER python:latest openssl req -new -key /$USER/$USER.key -out /$USER/$USER.csr -subj "/CN=$USER/O=user"
echo "creating userspace"
helm template $USER ./namespace | kubectl apply -f -
echo "copying and signing certs"
kubectl cp $HOME/.kube/users/$USER/$USER.csr certsigner:/certs/$USER.csr
kubectl exec certsigner -- openssl x509 -in /certs/$USER.csr -req -CA /keys/client-ca.crt -CAkey /keys/client-ca.key -set_serial $(python -c "import random; print(random.randint(1000000000, 9999999999))") -out /certs/$USER.crt -days 5000
kubectl cp certsigner:/certs/$USER.crt $HOME/.kube/users/$USER/$USER.crt
echo "deleting certsigner"
kubectl delete -f ./certsigner