#!/bin/bash
[[ ${DEBUG:-} == "true" ]] && set -eEu
[[ ${DEBUG:-} == "true" ]] && set -v

PIPELINE_ID=$RANDOM
echo ${PIPELINE_ID}

sudo pacman-key --init

# Pull Repo

## Needed so pacman doesnt complain.
repo-add "/repo/${AUR_REPO_NAME}.db.tar.xz"
sudo pacman -Syu --noconfirm minio-client pacman-contrib ninja &>/dev/null # Setup tooling

mcli alias set s3 https://s3.tobiasmanske.de "${REPO_ACCESS_KEY}" "${REPO_SECRET_KEY}"

# LOCK
LOCK=""


unlock() {
	if [[ "${LOCK}" == "${PIPELINE_ID}" ]]; then
		echo "FREE" | mcli pipe s3/repo/LOCK
	fi

}

lock () {
	while [[ "${LOCK}" != "${PIPELINE_ID}" ]]; do
		if [[ ${DEBUG:-} == "true" ]]; then
			echo "Debug mode, not waiting for lock"
			break
		fi
		LOCK=$(mcli cat s3/repo/LOCK)
		if [[ "${LOCK}" == "FREE" ]]; then
			echo $PIPELINE_ID | mcli pipe s3/repo/LOCK
			LOCK=$(mcli cat s3/repo/LOCK)
			continue
		fi
		echo "Waiting for lock with id $PIPELINE_ID..."
		sleep $((RANDOM % 10))
	done
	trap unlock EXIT INT TERM
}

pullrepo () {
	echo "Pulling Repository"
	(
		mcli cp "s3/repo/x86_64/${AUR_REPO_NAME}.db.tar.xz" /repo
		mcli cp "s3/repo/x86_64/${AUR_REPO_NAME}.db.tar.xz.sig" /repo
		mcli cp "s3/repo/x86_64/${AUR_REPO_NAME}.files.tar.xz" /repo
		mcli cp "s3/repo/x86_64/${AUR_REPO_NAME}.files.tar.xz.sig" /repo

	) &>/dev/null
}

pullrepo

if ! (aur repo >/dev/null 2>&1); then
	printf "Aur repo not initialized, initializing /repo...\n"
	repo-add "/repo/${AUR_REPO_NAME}.db.tar.xz"
fi

# Keyring Signing Key
sudo pacman-key --add trustroot.asc
gpg --import --batch trustroot.asc
sudo pacman-key --lsign 10BE06BC275CE0E17373B368F67996C486D1B56B

# Setup signing
echo "${BUILD_GPG_KEY}" | base64 -d | gpg --import --batch
echo "C3FE87CFB8F8D503AE03EC1C033E7F3DC71FE89E:6:" | gpg --import-ownertrust --batch


sudo pacman --noconfirm -Syu archlinux-keyring &>/dev/null

git clone --recursive https://git.tobiasmanske.de/archlinux-repo/package_sources.git packages &>/dev/null

cd packages

touch buildqueue
# Obtain version of downloaded packages which didnt fail
while read -r i; do
	aur srcver --no-prepare --jobs=4 "$i" || true
done <<< "$(find . -iname PKGBUILD -exec dirname {} \;)" > vcs

# *missing Dependency resolution
cut -f1 vcs | aur depends -r - | tsort > dependencies
comm -23 <(sort dependencies) <(cut -f1 vcs | sort) | tee -a buildqueue | tee -a dep_missing | aur fetch -

if wc -l dep_missing | grep -q "^0 "; then
	echo "No missing dependencies."
else
	echo "!!! Missing dependencies !!!"
	cat dep_missing
	echo "!!! Missing dependencies !!!"
fi



# Rebuild all git packages
if [ -z "${NO_GIT_REBUILD:-}" ]; then
	cut -f1 vcs | grep -e "-git$" | tee -a buildqueue
fi

# add all outdated packages to the build queue
aur repo --list | aur vercmp -q -p vcs | tee -a buildqueue

# Build missing packages
comm -23 <(cut -f1 vcs | sort) <(pacman -Slq "${AUR_REPO_NAME}" | sort) | tee -a buildqueue

# Build all packages defined in buildqueue
while read -r i; do
	cat "$i"/.SRCINFO
done <buildqueue | tee buildfile | aur graph | tee graph | tsort | tac >queue
grep validpgpkeys buildfile | cut -d "=" -f2 | tr -d " " | xargs -n1 gpg --recv-keys

cat graph

if [[ ${DEBUG:-} == "true" ]]; then
	echo "Debug mode, not building anything."
	exit 0
fi

if wc -l queue | grep -q "^0 "; then
	echo "Nothing to build, exiting."
	exit 0
fi

## BUILD

# aur build -S --noconfirm -a queue --no-sync --margs -s
export AUR_SYNC_USE_NINJA=1
cat graph | aur sync--ninja -S -- aur build -S --noconfirm --no-sync --margs -s | tee -a /dev/stderr | ninja -k 0 -f /dev/stdin
echo "##################################"
ls -la /repo

pullrepo
lock
repo-add -k C3FE87CFB8F8D503AE03EC1C033E7F3DC71FE89E --sign "/repo/${AUR_REPO_NAME}.db.tar.xz" /repo/*.pkg.tar.zst
mcli mirror --overwrite /repo s3/repo/x86_64
unlock