set fallback := true

export K8S_VAULT_NAMESPACE := env("K8S_VAULT_NAMESPACE", "vault")
export VAULT_CHART_VERSION := env("VAULT_CHART_VERSION", "0.31.0")
export VAULT_HOST := env("VAULT_HOST", "")
export VAULT_ADDR := "https://" + VAULT_HOST
export VAULT_DEBUG := env("VAULT_DEBUG", "false")
SECRET_PATH := "secret"


[private]
default:
    @just --list --unsorted --list-submodules

# Add Helm repository
add-helm-repo:
    helm repo add hashicorp https://helm.releases.hashicorp.com
    helm repo update

# Remove Helm repository
remove-helm-repo:
    helm repo remove hashicorp


# Create Vault namespace
create-namespace:
    @kubectl get namespace ${K8S_VAULT_NAMESPACE} > /dev/null || kubectl create namespace ${K8S_VAULT_NAMESPACE}

# Delete Vault namespace
delete-namespace:
    @kubectl delete namespace ${K8S_VAULT_NAMESPACE} --ignore-not-found

install:
    #!/bin/bash
    set -eu
    just create-namespace
    just add-helm-repo
 
    gomplate -f vault-values.gomplate.yaml -o vault-values.yaml

    helm upgrade \
      --cleanup-on-fail \
      --install \
      vault \
      hashicorp/vault \
      --namespace ${K8S_VAULT_NAMESPACE} \
      --wait \
      -f vault-values.yaml

    kubectl wait pod --for=condition=PodReadyToStartContainers \
        -n ${K8S_VAULT_NAMESPACE} vault-0 --timeout=5m


# Uninstall Vault
uninstall delete-ns='false':
    #!/bin/bash
    set -euo pipefail
    helm uninstall vault -n ${K8S_VAULT_NAMESPACE} --ignore-not-found --wait
    just delete-namespace