#!/usr/bin/env bash

set -eox pipefail

spectool -fg containers-common.spec

if [[ $(git rev-parse --abbrev-ref HEAD) == "rawhide" ]]; then
    sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \
        -e 's/^pull_options.*=.*/pull_options = {enable_partial_images = \"true\", use_hard_links = \"false\", ostree_repos=""}/' \
        storage.conf
else
    sed -i -e 's/^driver.*=.*/driver = "overlay"/' -e 's/^mountopt.*=.*/mountopt = "nodev,metacopy=on"/' \
        -e '/additionalimage.*/a "/usr/lib/containers/storage",' \
        storage.conf
fi

[ `grep "keyctl" seccomp.json | wc -l` == 0 ] && sed -i '/\"kill\",/i \
                                "keyctl",' seccomp.json
sed -i '/\"socketcall\",/i \
                                "socket",' seccomp.json

sed -i 's/^#.*unqualified-search-registries.*=.*/unqualified-search-registries = ["registry.fedoraproject.org", "registry.access.redhat.com", "docker.io", "quay.io"]/g' \
        registries.conf

grep 'short-name-mode="enforcing"' registries.conf
if [[ $? == 1 ]]; then
    echo -e '\nshort-name-mode="enforcing"' >> registries.conf
fi

sed -i -e 's/^#.*log_driver.*=.*/log_driver = "journald"/' \
    containers.conf

git checkout origin default-policy.json