#!/bin/bash

set -e

usage() {
  >&2 echo "    Usage:
    $0 DIEGO_CA_NAME DIEGO_CA_CERT_DIRECTORY

    Ex:
    $0 diegoCA ~/workspace/diego-release/diego-certs/
"
  exit 1
}

ca_name=$1
ca_cert_directory=$2

if [ -z "${ca_name}" ]; then
  >&2 echo "Specify a CA"
  usage
fi

if [ ! -d "${ca_cert_directory}" ]; then
  >&2 echo "Specify location of CA cert and key"
  usage
fi

# Install certstrap
go get -v github.com/square/certstrap


output_path="diego-certs/cc-uploader-certs"

# Place keys and certificates here
mkdir -p "${output_path}/cc"

# CC Uploader client certificate to communicate with CC
client_cn='cc_uploader'
certstrap --depot-path ${ca_cert_directory} request-cert --passphrase '' --common-name $client_cn
certstrap --depot-path ${ca_cert_directory} sign $client_cn --CA $ca_name
mv -f "${ca_cert_directory}/${client_cn}.key" "${output_path}/cc/client.key"
mv -f "${ca_cert_directory}/${client_cn}.csr" "${output_path}/cc/client.csr"
mv -f "${ca_cert_directory}/${client_cn}.crt" "${output_path}/cc/client.crt"

# CC Uploader server certificate
server_cn='cc-uploader.service.cf.internal'
certstrap --depot-path ${ca_cert_directory} request-cert --passphrase '' --common-name $server_cn
certstrap --depot-path ${ca_cert_directory} sign $server_cn --CA $ca_name
mv -f "${ca_cert_directory}/$server_cn.key" "${output_path}/server.key"
mv -f "${ca_cert_directory}/$server_cn.csr" "${output_path}/server.csr"
mv -f "${ca_cert_directory}/$server_cn.crt" "${output_path}/server.crt"
