#!/bin/bash

# Determine the Sealed Secrets namespace
if kubectl get ns sealed-secrets &>/dev/null; then
    NAMESPACE="sealed-secrets"
elif kubectl get ns kube-tools-system &>/dev/null; then
    NAMESPACE="kube-tools-system"
else
    echo "No valid Sealed Secrets namespace found (sealed-secrets or kube-tools-system)."
    exit 1
fi

# Seal the secret
if [[ -f "secret.yml" ]]; then
    cat secret.yml | kubeseal --controller-namespace "$NAMESPACE" --controller-name sealed-secrets --format yaml > SealedSecret.yml
    echo "SealedSecret.yml has been created in namespace $NAMESPACE."

elif [[ -f "secret.yaml" ]]; then
    cat secret.yaml | kubeseal --controller-namespace "$NAMESPACE" --controller-name sealed-secrets --format yaml > SealedSecret.yaml
    echo "SealedSecret.yaml has been created in namespace $NAMESPACE."

else
    echo "Neither secret.yml nor secret.yaml found."
    exit 1
fi
