#!/bin/bash

# create shared folder for root agent socket
mkdir -p shared/rootSocket

# create shared folder for intermediateA agent socket
mkdir -p shared/intermediateASocket

# create shared folder for intermediateB agent socket
mkdir -p shared/intermediateBSocket

# root certificates
"${ROOTDIR}/setup/x509pop/setup.sh" root/server root/agent

# intermediateA certificates
"${ROOTDIR}/setup/x509pop/setup.sh" intermediateA/server intermediateA/agent

# leafA certificates
"${ROOTDIR}/setup/x509pop/setup.sh" leafA/server leafA/agent

# intermediateB certificates
"${ROOTDIR}/setup/x509pop/setup.sh" intermediateB/server intermediateB/agent

# leafB certificates
"${ROOTDIR}/setup/x509pop/setup.sh" leafB/server leafB/agent


# Configure the environment-dependent CGROUP matchers for the docker workload
# attestors.
CGROUP_MATCHERS=
if [ -n "${GITHUB_WORKFLOW}" ]; then
    CGROUP_MATCHERS='"/actions_job/<id>"'
fi
sed -i.bak "s#CGROUP_MATCHERS#$CGROUP_MATCHERS#" root/agent/agent.conf
sed -i.bak "s#CGROUP_MATCHERS#$CGROUP_MATCHERS#" intermediateA/agent/agent.conf
sed -i.bak "s#CGROUP_MATCHERS#$CGROUP_MATCHERS#" intermediateB/agent/agent.conf

docker build --target nested-agent-alpine -t nested-agent-alpine .
