#!/bin/bash
#
#    Copyright (C) 2008-2020  Ruben Rodriguez <ruben@trisquel.info>
#    Copyright (C)      2014  Santiago Rodriguez <santi@trisquel.info>
#    Copyright (C)      2019  David Trudgian <dave@trudgian.net>
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301 USA
#

set -e
set -o pipefail

export LANG=C LC_TIME=C
PACKAGE=$(echo $0 |/bin/sed s/make-//)

export DATE=$(date +'%a, %d %b %Y %T %z')

export DATA="$PWD/DATA/$PACKAGE"
if ! [ 1$COMPONENT = "1main" ]
then
    COMPONENT=${COMPONENT:-universe}
    export NO_PKG_MANGLE=1
fi

[ -d PACKAGES ] || mkdir PACKAGES

export DEBIAN_FRONTEND=noninteractive
export DEBEMAIL=trisquel-devel@listas.trisquel.info
export DEBFULLNAME="Trisquel GNU/Linux developers"
export CODENAME=aramo
export REVISION=11.0
export RELEASE=trisquel
export DOMAIN=trisquel.info
export UPSTREAM=jammy
export UPSTREAMRELEASE=22.04
MIRROR=http://archive.ubuntu.com/ubuntu
LOCALMIRROR=http://archive.trisquel.org/trisquel
LOCAL_APT=`mktemp -d` 

if [ -n "$BUILD_UNTIL" ] && (( $(echo "$BUILD_UNTIL $REVISION" | awk '{print ($1 > $2)}') )); then
    echo "Skipping build of helper with BUILD_UNTIL=$BUILD_UNTIL > REVISION=$REVISION"
    exit 0
fi

export RPL="$PWD/DATA/rpl"
rpl(){
$RPL "$@"
}

pkgversion(){
	dpkg-parsechangelog --show-field Version
}
replace(){
find ${@:3} -type f -not -iregex '.*changelog.*' -not -iregex '.*copyright.*' -execdir /bin/sed --follow-symlinks -i s^"$1"^"$2"^g {} \;
}
changelog(){
head -n 1 debian/changelog | grep -q $UPSTREAM-security && REPO=$CODENAME-security || REPO=$CODENAME
[ "$BACKPORT" = true ] || [ "$BACKPORTS" = true ] && REPO=${CODENAME}-backports
#Name convention issue "+" breaking packages build like console-setup, using "-" instead.
echo | dch -D $REPO -v $FULLVERSION "$1"

# Make sure the changelog file is identical between archs
/bin/sed "/-- Trisquel/s/.*/ -- Trisquel GNU\/Linux developers <trisquel-devel@listas.trisquel.info>  $DATE/" -i debian/changelog
}


#Setup local apt

trap "rm -rf ${LOCAL_APT}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM

mkdir -p ${LOCAL_APT}/var/lib/apt/partial
mkdir -p ${LOCAL_APT}/var/cache/apt/archives/partial
mkdir -p ${LOCAL_APT}/etc/apt/trusted.gpg.d
mkdir -p ${LOCAL_APT}/var/lib/dpkg
touch ${LOCAL_APT}/var/lib/dpkg/status
[ $UID = 0 ] && id _apt > /dev/null 2>&1 && chown _apt ${LOCAL_APT}  -R

cat << EOF > ${LOCAL_APT}/etc/apt.conf
Dir::State "${LOCAL_APT}/var/lib/apt";
Dir::State::status "${LOCAL_APT}/var/lib/dpkg/status";
Dir::Etc::SourceList "${LOCAL_APT}/etc/apt/sources.list";
Dir::Etc::SourceParts "";
Dir::Cache "${LOCAL_APT}/var/cache/apt";
pkgCacheGen::Essential "none";
Dir::Etc::Trusted "${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg";
Acquire::ForceIPv4 "true";
EOF

fetchkey(){
    echo Fetching key $1 from hkps://keyserver.ubuntu.com:443
    if ! gpg -q --no-default-keyring --keyring gnupg-ring:${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg --keyserver hkps://keyserver.ubuntu.com:443 --recv-keys $1 ; then
         echo "W: invalid key from keyserver.ubuntu.com, fetching from db.debian.org"
         gpg -q --no-default-keyring --keyring gnupg-ring:${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg --keyserver hkps://keyring.debian.org:443 --recv-keys $1
    fi
}

cp DATA/keyring.gpg ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg

# Also import the repository key optionally listed in the helper
[ "1$REPOKEY" != "1" ] && fetchkey $REPOKEY

cat << EOF > ${LOCAL_APT}/etc/apt/sources.list
deb-src $MIRROR $UPSTREAM main universe
deb-src $MIRROR $UPSTREAM-updates main universe
deb-src $MIRROR $UPSTREAM-security main universe

EOF

# manage external repository sources. If origin is ubuntu or debian, add updates and security repositories too
if [ "1$EXTERNAL" != "1" ]; then
 if eval echo "$EXTERNAL" | grep "archive.ubuntu.com" | grep -qv -e updates -e security -e backports -e proposed; then
   RELNAME=$(eval echo "$EXTERNAL" | cut -d' ' -f 3)
   COMPONENTS=$(eval echo "$EXTERNAL" | cut -d' ' -f 4-)
   echo "deb-src http://archive.ubuntu.com/ubuntu/ $RELNAME $COMPONENTS" > ${LOCAL_APT}/etc/apt/sources.list
   echo "deb-src http://archive.ubuntu.com/ubuntu/ ${RELNAME}-updates $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
   echo "deb-src http://archive.ubuntu.com/ubuntu/ ${RELNAME}-security $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
 elif eval echo "$EXTERNAL" | grep "ftp.debian.org" |grep -qv -e updates -e security -e backports -e testing -e sid -e unstable -e experimental -e proposed ; then
   RELNAME=$(eval echo "$EXTERNAL" | cut -d' ' -f 3)
   COMPONENTS=$(eval echo "$EXTERNAL" | cut -d' ' -f 4-)
   echo "deb-src http://deb.debian.org/debian $RELNAME $COMPONENTS" > ${LOCAL_APT}/etc/apt/sources.list
   echo "deb-src http://deb.debian.org/debian ${RELNAME}-updates $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
   echo "deb-src http://security.debian.org/debian-security/ ${RELNAME}-security $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
 else
   eval echo "$EXTERNAL" > ${LOCAL_APT}/etc/apt/sources.list
 fi
fi

#Cleanup
rm -rf PACKAGES/$PACKAGE
mkdir PACKAGES/$PACKAGE
cd PACKAGES/$PACKAGE
[ $UID = 0 ] && id _apt > /dev/null 2>&1 && chown _apt .

#Get package and uncompress it
apt-get update -c $LOCAL_APT/etc/apt.conf
if [ -n "$FIXED_VER" ]; then
  apt-get source --only-source $PACKAGE=$FIXED_VER --download-only -c ${LOCAL_APT}/etc/apt.conf
else
  apt-get source --only-source $PACKAGE --download-only -c ${LOCAL_APT}/etc/apt.conf
fi
# Verify it first
if grep -q "BEGIN PGP SIGNATURE" *.dsc; then
  KEY=$(gpg2 --keyid-format 0xlong --verify  *.dsc  2>&1 | grep 0x | sed 's/.*0x//' || true)
  [ -z "$KEY" ] && KEY=$(gpgv --keyring ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring *.dsc 2>&1 | egrep ".SA key" | sed 's/.*.SA key //' || true)
  fetchkey $KEY
  gpg2 --verify --keyring ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg *.dsc
  [ -n SCHROOT_COMMAND ] && gpgconf --kill gpg-agent
else
  echo WARNING! The dsc file is not gpg signed!
  [ -z "$EXTERNAL" ] && exit 1
fi

dpkg-source --no-check -x --skip-patches *.dsc source

find -maxdepth 1 -type f | xargs rm
cd source

UPSTREAMVERSION=$(dpkg-parsechangelog --show-field Version)

# This needs to be enabled (and reviewed) as first step of t12 release. Making it break here to force review
[ "$REVISION" == 12.0 ] && echo Review version string generation before building t12 packages! && exit 1
export FULLVERSION=$(dpkg-parsechangelog --show-field Version)+${REVISION}trisquel${VERSION}
[ "$PACKAGE" == "console-setup" ] && export FULLVERSION=$(dpkg-parsechangelog --show-field Version)-${REVISION}trisquel${VERSION}
# This is the proposed method:
#if echo $UPSTREAMVERSION | grep -q '-'; then
#    export FULLVERSION=$(dpkg-parsechangelog --show-field Version)+${REVISION}trisquel${VERSION}
#else
#    export FULLVERSION=$(dpkg-parsechangelog --show-field Version)-${REVISION}trisquel${VERSION}
#fi
# IMPORTANT: the build watchdog would need to be modified to match any changes done here

# Use 3.0 (native) deb source format
[ -f debian/source/format ] && echo "3 (native)" > debian/source/format
[ -f debian/source/options ] && rm debian/source/options

grep -lr 'Maintainer:' debian*/control* | \
xargs sed -i "s_^Maintainer.*_Maintainer: $DEBFULLNAME <$DEBEMAIL>_g"

package(){

# Make sure the series file is formated correctly after removals
if [ -f debian/patches/series ]; then
  grep -q [a-z] debian/patches/series || echo -n > debian/patches/series
fi

if [ 1$QUILT != 1skip ]; then
export QUILT_PATCHES=debian/patches
grep -qv '^#' debian/patches/series 2>/dev/null && quilt push -a
fi

cd ..
mv source $PACKAGE-$FULLVERSION
dpkg-source -b -I.falsefileextension99 $PACKAGE-$FULLVERSION
rm -rf ${LOCAL_APT}
echo "Trisquel source package built!"

}

sedhelper2(){
  FILE="$1"
  EXPR="$2"";"

  while [ 1"$EXPR" != 1 ];do
    SUBEXPR=$(cut -d\; -f 1 <<< "$EXPR")
    MD5=$(md5sum "$FILE")
    echo Running modification-aware sed: sed "$SUBEXPR" -i "$FILE" 1>&2
    /bin/sed "$SUBEXPR" -i "$FILE"
    if [ "$MD5" = "$(md5sum "$FILE")" ]; then
      echo File "$FILE" was not modified, stopping. 1>&2
      exit 1
    fi
    EXPR=$(cut -d\; -f 2- <<< "$EXPR" )
    echo $EXPR | egrep ';' -q || break
  done
}

sedhelper(){
  FILE="$1"
  EXPR="$2"

  MD5=$(md5sum "$FILE")
  echo Running modification-aware sed: sed "$EXPR" -i "$FILE" 1>&2
  /bin/sed "$EXPR" -i "$FILE"
  if [ "$MD5" = "$(md5sum "$FILE")" ]; then
    echo File "$FILE" was not modified, stopping. 1>&2
    exit 1
  fi
}

sed (){
if ! echo $@ | grep -qw '\-i'; then
  echo Running fallback sed: /bin/sed "$@" 1>&2
  /bin/sed "$@"
else

[ 1"$1" = "1-i" ] && shift

  SEDEXPR="$1"
  shift
  for FILE in "$@"; do
  [ 1"$FILE" = "1-i" ] && continue
  if [ -f "$FILE" ]; then
    sedhelper "$FILE" "$SEDEXPR"
  else
    echo File "$FILE" does not exist, stopping. 1>&2
    exit 1
  fi
  done
fi
}

remove_patch(){
  rm "$(find */patches -name "$1")"
  sed -i "/$1/d" debian/patches/series
}

sed_csum() {
    echo "> Checksum replace for $1 in progress..."
    grep -rl "$1" "${3:-"./"}" | xargs -r /bin/sed -i "s|$1|$2|"
}

patch_p1() {
echo "> Applying $(echo $1|xargs basename):"
patch --no-backup-if-mismatch -p1 < $1
}