resource "kubectl_manifest" "cm_env" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-envs"
      labels: ${jsonencode(local.sonar_all_labels)}
      namespace: ${var.namespace}
    data:
      SONAR_JDBC_USERNAME: ${var.component}
      SONAR_JDBC_URL: jdbc:postgresql://${var.instance}-${var.component}-pg-rw.${var.namespace}.svc:5432/${var.component}
      SONAR_WEB_CONTEXT: /
      SONAR_WEB_JAVAOPTS: -javaagent:/opt/sonarqube/data/jmx_prometheus_javaagent.jar=8000:/opt/sonarqube/conf/prometheus-config.yaml
      SONAR_CE_JAVAOPTS:  -javaagent:/opt/sonarqube/data/jmx_prometheus_javaagent.jar=8001:/opt/sonarqube/conf/prometheus-ce-config.yaml
EOF
}

resource "kubectl_manifest" "cm_files" {
  yaml_body  = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-files"
      labels: ${jsonencode(local.sonar_all_labels)}
      namespace: ${var.namespace}
    data:
      sonar.properties: |-
        sonar.telemetry.enable=false
        sonar.updatecenter.activate=false
        sonar.auth.saml.enabled=true
        sonar.auth.saml.applicationId=${module.saml.app_id}
        sonar.auth.saml.providerName=vynil
        sonar.auth.saml.providerId=${module.saml.issuer}
        sonar.auth.saml.loginUrl=${module.saml.url_sso_init}
        sonar.auth.saml.certificate.secured=${join("",[for line in split("\n",module.saml.certificate_data): line if !endswith(line, "CERTIFICATE-----")])}
        sonar.auth.saml.user.login=windowsaccountname
        sonar.auth.saml.user.name=name
        sonar.auth.saml.user.email=emailaddress
      prometheus-ce-config.yaml: |-
        rules:
        - pattern: .*
      prometheus-config.yaml: |-
        rules:
        - pattern: .*
EOF
}

resource "kubectl_manifest" "cm_scripts" {
  yaml_body  = join("", concat([<<EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.instance}-${var.component}-scripts"
      labels: ${jsonencode(local.sonar_all_labels)}
      namespace: ${var.namespace}
    data:
      init_sysctl.sh: |-
        if [[ "$(sysctl -n vm.max_map_count)" -lt 524288 ]]; then
          sysctl -w vm.max_map_count=524288
        fi
        if [[ "$(sysctl -n fs.file-max)" -lt 131072 ]]; then
          sysctl -w fs.file-max=131072
        fi
        if [[ "$(ulimit -n)" != "unlimited" ]]; then
          if [[ "$(ulimit -n)" -lt 131072 ]]; then
            echo "ulimit -n 131072"
            ulimit -n 131072
          fi
        fi
        if [[ "$(ulimit -u)" != "unlimited" ]]; then
          if [[ "$(ulimit -u)" -lt 8192 ]]; then
            echo "ulimit -u 8192"
            ulimit -u 8192
          fi
        fi
      init_fs.sh: chown -R 1000:0 /opt/sonarqube
      install_plugins.sh: |-
        #!/bin/bash
        if [ ! -f /data/jmx_prometheus_javaagent.jar ];then
          curl -s 'https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.17.2/jmx_prometheus_javaagent-0.17.2.jar'  --output /data/jmx_prometheus_javaagent.jar -v
        fi
        get_plugin() {
          file=$(echo $1|sed 's#.*/##')
          if [ ! -f "$file" ];then
            curl -fsSLO "$1"
          fi
        }
        cd /opt/sonarqube/extensions/plugins
EOF
    ],[for p in var.plugins: "        get_plugin ${p}"]))
}