#!/usr/bin/env bash

set -euo pipefail

kind create cluster --config kind/kind.yaml --wait 10m

kubectl create secret docker-registry gitlab \
          --docker-server=registry.gitlab.com \
          --docker-username=gitlab \
          --docker-password="${GITLAB_TOKEN}" \
          --docker-email=gitlab@unbound.se

kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "gitlab"}]}'

kustomized="$(mktemp --suffix .unboundkind.yaml --tmpdir=/tmp/)"

kubectl kustomize --enable-helm ./kind > "${kustomized}"
kubectl apply -f "${kustomized}" --server-side || true
kubectl wait --for=condition=Ready pods -n cert-manager -l app=cert-manager --timeout 5m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=cainjector --timeout 5m
kubectl wait --for=condition=Ready pods -n cert-manager -l app=webhook --timeout 5m
kubectl wait --for=condition=Ready pods --all -n external-secrets --timeout=5m
kubectl apply -f "${kustomized}" --server-side

kubectl wait --for=condition=Ready pods --all --timeout=5m
