#!/bin/bash

. fsx.conf

# This script removes the integration of your EKS cluster with FSx
# Please note that deleting any dynamically provisioned FSx volumes
# destroys the volumes and the data stored in them

# Storage class
kubectl delete -f ./fsx-storage-class.yaml
rm -f ./fsx-storage-class.yaml

# Security group
echo ""
echo "Checking security group ${FSX_SECURITY_GROUP_NAME} ..."
SECURITY_GROUP_ID=$(aws ec2 describe-security-groups --query SecurityGroups[?GroupName=="'${FSX_SECURITY_GROUP_NAME}'"].{GroupId:GroupId} --output text)
if [ "$SECURITY_GROUP_ID" == "" ]; then
        echo "Not found."
else
        echo "Found."
        echo "SECURITY_GROUP_ID=${SECURITY_GROUP_ID}"
        echo "Deleting ..."
        aws ec2 delete-security-group --group-id ${SECURITY_GROUP_ID}
fi

# FSx CSI driver
kubectl delete -k "github.com/kubernetes-sigs/aws-fsx-csi-driver/deploy/kubernetes/overlays/stable/?ref=master"

# FSx Policy
echo ""
echo "Checking FSx Policy ${FSX_POLICY_NAME} ..."
POLICY_ARN=$(aws iam list-policies --query Policies[?PolicyName=="'${FSX_POLICY_NAME}'"].{Arn:Arn} --output text)
echo ""
if [ "$POLICY_ARN" == "" ]; then
        echo "Policy does not exist."
else
        echo "Policy ${FSX_POLICY_NAME} found"
        echo "POLICY_ARN=$POLICY_ARN"
        # Detach policy from EKS Instance Profiles
        echo ""
        echo "Checking instance profiles ..."
        for index in ${!EKS_INSTANCE_PROFILE_NAMES[@]}; do
                EKS_INSTANCE_PROFILE_NAME=${EKS_INSTANCE_PROFILE_NAMES[$index]}
                echo ""
                echo "Instance profile ${EKS_INSTANCE_PROFILE_NAME} ..."
                INSTANCE_PROFILE=$(aws iam list-instance-profiles --query InstanceProfiles[?InstanceProfileName=="'${EKS_INSTANCE_PROFILE_NAME}'"].{InstanceProfileName:InstanceProfileName} --output text)
                if [ "$INSTANCE_PROFILE" == "" ]; then
                        echo "Not found."
                        echo "Please check fsx.conf and try again."
                        echo "The configured instance profile must exist"
                        echo "Describe one of the EKS instances in each node group that should have access to FSx "
                        echo "and find its attached instance profile. Update the array in fsx.conf and try again."
                        exit 1
                else
                        echo "Found."
                        echo "Getting instance profile role ..."
                        ROLE_NAME=$(aws iam get-instance-profile --instance-profile-name ${INSTANCE_PROFILE} --query InstanceProfile.Roles[0].RoleName --output text)
                        echo "Detaching FSx Policy from role ${ROLE_NAME} ..."
                        aws iam detach-role-policy --role-name ${ROLE_NAME} --policy-arn ${POLICY_ARN}
                fi
        done
        echo ""
        echo "Deleting policy ${FSX_POLICY_NAME} ..."
        aws iam delete-policy --policy-arn ${POLICY_ARN}
fi

kubectl get sc