#!/usr/bin/env bash
set -euo pipefail

# Commit to run upstream node e2e tests
NODE_E2E_COMMIT=2c43fb8a34e1cf59266e2f9a903e9ce88bf4c8ef

enable_selinux() {
    # Make sure SELinux is enabled
    setenforce 1

    # Get the SELinux package
    curl --fail --retry 5 --retry-delay 3 --silent --show-error -o /tmp/kubelet-e2e.pp https://storage.googleapis.com/cri-o/selinux/kubelet-e2e.pp
    semodule -i /tmp/kubelet-e2e.pp
}

install_crio() {
    # Download and install CRIO
    curl --fail --retry 5 --retry-delay 3 --silent --show-error -o /usr/local/crio-install.sh https://raw.githubusercontent.com/cri-o/cri-o/main/scripts/get
    bash /usr/local/crio-install.sh -t "$NODE_E2E_COMMIT"

    # Setup SELinux labels
    mkdir -p /var/lib/kubelet
    chcon -R -u system_u -r object_r -t var_lib_t /var/lib/kubelet

    mount /tmp /tmp -o remount,exec,suid

    # Remove unwanted cni configuration files
    rm -f /etc/cni/net.d/87-podman-bridge.conflist

    # Setup log level
    echo "CONTAINER_LOG_LEVEL=debug" >>/etc/sysconfig/crio

    cat <<EOF >/etc/crio/crio.conf.d/10-crun.conf
[crio.runtime]
[crio.runtime.runtimes]
[crio.runtime.runtimes.test-handler]
EOF

    cat <<EOF >/etc/crio/crio.conf.d/20-runc.conf
[crio.runtime]
default_runtime = "runc"
[crio.runtime.runtimes]
[crio.runtime.runtimes.runc]
EOF

    cat <<EOF >/etc/crio/crio.conf.d/30-infra-container.conf
[crio.runtime]
drop_infra_ctr = false
EOF

}

enable_selinux

install_crio

# Finally start crio
systemctl enable crio.service
systemctl start crio.service
